CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,371 vulnerabilities with CWE-352
CVE-2022-45130
MEDIUM
Plesk Obsidian - Cross-Site Request Forgery via REST API
CVSS 6.5
CVE-2022-43031
HIGH
dedecms v6.1.9 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-43488
MEDIUM
Advanced Dynamic Pricing for WooCommerce <= 4.1.5 - CSRF
CVSS 5.4
CVE-2022-44741
MEDIUM
Testimonial Slider <= 1.3.1 - Cross-Site Request Forgery leading to Cross-Site Scripting
CVSS 6.1
CVE-2022-43491
MEDIUM
WordPress Advanced Dynamic Pricing <4.1.5 - CSRF
CVSS 5.4
CVE-2022-43481
MEDIUM
Advanced Coupons for WooCommerce Coupons plugin <= 4.5 - Cross-Site Request Forgery leading to notice dismissal
CVSS 5.4
CVE-2022-41136
MEDIUM
Shortcodes Ultimate <=5.12.0 - CSRF/XSS
CVSS 6.1
CVE-2022-40632
MEDIUM
wpForo Forum <= 2.0.5 - Cross-Site Request Forgery Leading to Topic Deletion
CVSS 5.4
CVE-2022-40128
MEDIUM
Advanced Order Export For WooCommerce <= 3.3.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-38137
MEDIUM
Analytify WordPress Plugin <= 4.2.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-32587
MEDIUM
CodeAndMore WP Page Widget <= 3.9 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-27855
MEDIUM
Analytics Cat <= 1.0.9 - Cross-Site Request Forgery in Plugin Settings
CVSS 5.4
CVE-2022-30694
MEDIUM
SIMATIC S7-1500 Software Controller - Authenticated Cross-Site Request Forgery via Login Endpoint
CVSS 6.5
CVE-2022-3537
HIGH
Role Based Pricing for WooCommerce < 1.6.2 - Authenticated Arbitrary File Upload
CVSS 8.8
CVE-2022-3536
HIGH
WooCommerce WordPress <1.6.3 - Code Injection
CVSS 8.8
CVE-2022-3489
MEDIUM
WP Hide < 0.0.2 - Unauthenticated Missing Authorization in Custom WPAdmin Slug Update
CVSS 5.3
CVE-2022-3451
MEDIUM
Product Stock Manager < 1.0.5 - Missing Authorization in AJAX Actions
CVSS 4.3
CVE-2022-2387
MEDIUM
Easy Digital Downloads < 3.0 - Cross-Site Request Forgery via Payment History Deletion
CVSS 4.3
CVE-2022-38660
HIGH
HCL XPages - Cross-Site Request Forgery
CVSS 8.3
CVE-2022-20961
HIGH
Cisco Identity Services Engine - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-44627
MEDIUM
David Cole Simple SEO WordPress Plugin <= 1.8.12 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-40131
MEDIUM
a3rev Page View Count <= 2.5.5 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-36404
MEDIUM
David Cole Simple SEO <= 1.8.12 - CSRF
CVSS 5.4
CVE-2022-30608
HIGH
IBM InfoSphere Information Server 11.7 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-25952
MEDIUM
Content Egg WordPress Plugin <= 5.4.0 - Cross-Site Request Forgery
CVSS 4.3
Details
Vulnerabilities
9,371
Exploit Likelihood
Medium