CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,371 vulnerabilities with CWE-352
CVE-2022-41615
MEDIUM
WordPress Store Locator <1.4.5 - XSS
CVSS 6.1
CVE-2022-40695
MEDIUM
SEO Redirection Plugin <= 8.9 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-41805
MEDIUM
Booster for WooCommerce <= 5.6.6 - CSRF
CVSS 5.4
CVE-2022-40687
MEDIUM
Creative Mail by Constant Contact <= 1.5.4 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-40686
MEDIUM
Creative Mail by Constant Contact <= 1.5.4 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-38075
MEDIUM
Mantenimiento web plugin <= 0.13 - CSRF/XSS
CVSS 6.1
CVE-2022-40192
HIGH
wpForo Forum <= 2.0.9 - Cross-Site Request Forgery
CVSS 7.1
CVE-2022-45072
MEDIUM
WPML Multilingual CMS <= 4.5.13 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-45071
MEDIUM
WPML Multilingual CMS <= 4.5.13 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-42246
HIGH
duofox_cms 0.0.4 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-4021
HIGH
Permalink Manager Lite <2.2.20.1 - CSRF
CVSS 8.8
CVE-2022-4014
MEDIUM
FeehiCMS - Cross-Site Request Forgery in Post My Comment Tab
CVSS 4.3
CVE-2022-4013
MEDIUM
Hospital Management Center - Cross-Site Request Forgery in appointment.php
CVSS 4.3
CVE-2022-45398
MEDIUM
Jenkins Cluster Statistics Plugin < 0.4.6 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-45393
LOW
Jenkins Delete log Plugin < 1.0 - Cross-Site Request Forgery
CVSS 3.5
CVE-2022-3240
HIGH
WordPress Follow Me Plugin <3.1.1 - CSRF
CVSS 8.8
CVE-2022-35613
HIGH
Konker Platform 2.3.9 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-44389
MEDIUM
EyouCMS V1.5.9-UTF8-SP1 - Cross-Site Request Forgery via Edit Admin Profile Module
CVSS 6.5
CVE-2022-44387
HIGH
EyouCMS V1.5.9-UTF8-SP1 - Cross-Site Request Forgery via Edit Member Basic Information
CVSS 8.8
CVE-2022-43323
HIGH
EyouCMS V1.5.9-UTF8-SP1 - Cross-Site Request Forgery via Top Up Balance Component
CVSS 8.8
CVE-2022-43693
HIGH
Concrete CMS < 8.5.10 - Cross-Site Request Forgery via OAuth State Parameter Omission
CVSS 8.8
CVE-2022-3632
MEDIUM
DigitialPixies OAuth Client < 1.1.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2022-3538
MEDIUM
Webmaster Tools Verification <1.2 - CSRF
CVSS 6.5
CVE-2022-2449
MEDIUM
resmush.it Image Optimizer < 0.4.7 - Cross-Site Request Forgery
CVSS 6.5
CVE-2022-3978
MEDIUM
NodeBB < 2.5.8 - Cross-Site Request Forgery via /register/abort Endpoint
CVSS 4.3
Details
Vulnerabilities
9,371
Exploit Likelihood
Medium