CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,371 vulnerabilities with CWE-352
CVE-2022-29489
MEDIUM
Sucuri Security <= 1.8.33 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-3221
HIGH
rdiffweb < 2.4.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-40623
HIGH
WAVLINK Quantum D4G (WN531G3) M31G3.V5030.200325 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-38329
MEDIUM
Shopxian CMS 3.0.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-32555
HIGH
Unisys Data Exchange Management Studio < 6.0.IC2 and 7.x < 7.0.IC1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-38139
MEDIUM
RD Station WordPress Plugin <= 5.2.0 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-38144
HIGH
gVectors Team wpForo Forum <2.0.5 - CSRF
CVSS 8.8
CVE-2022-38093
MEDIUM
All in One SEO < 4.2.3.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-38059
MEDIUM
Alexey Trofimov's Access Code Feeder <=1.0.3 - CSRF
CVSS 5.5
CVE-2022-37411
MEDIUM
Captcha Code <= 2.7 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-37405
MEDIUM
Better Font Awesome <= 2.0.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-35277
MEDIUM
GetResponse for WordPress <= 5.5.20 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-36095
MEDIUM
XWiki Platform <13.10.5-14.3 - CSRF
CVSS 4.3
CVE-2022-37730
HIGH
ftcms 2.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-33177
MEDIUM
WPdevelop/Oplugins Booking Calendar <9.2.1 - CSRF
CVSS 5.4
CVE-2022-2542
HIGH
Clickbank WordPress Plugin <3.9.1 - CSRF/XSS
CVSS 8.8
CVE-2022-2541
HIGH
Amazon WordPress Plugin <3.9.1 - XSS
CVSS 8.8
CVE-2022-2540
HIGH
Link Optimizer Lite <= 1.4.5 - Cross-Site Request Forgery to Cross-Site Scripting via Missing Nonce Validation
CVSS 8.8
CVE-2022-2518
HIGH
Stockists Manager for Woocommerce <= 1.0.2.1 - Cross-Site Request Forgery via stockist_settings_main()
CVSS 8.8
CVE-2022-2432
HIGH
Ecwid Ecommerce Shopping Cart <= 6.10.23 - Cross-Site Request Forgery via ecwid_update_plugin_params
CVSS 8.8
CVE-2022-2233
HIGH
Banner Cycler <= 1.4 - Cross-Site Request Forgery via pabc_admin_slides_postback
CVSS 8.8
CVE-2022-23680
HIGH
AOS-CX CSRF in 10.06.0000-10.06.0200, 10.08.xxxx<=10.08.1060, 10.09.xxxx<=10.09.1020, 10.10.xxxx<=10.10.0002
CVSS 8.8
CVE-2022-23679
HIGH
AOS-CX CSRF in 10.06.0000-10.06.0200, 10.08.xxxx<=10.08.1060, 10.09.xxxx<=10.09.1020, 10.10.xxxx<=10.10.0002
CVSS 8.8
CVE-2022-3121
MEDIUM
Online Employee Leave Management System 1.0 - Cross-Site Request Forgery in addemployee.php
CVSS 4.3
CVE-2022-2657
MEDIUM
Multivendor Marketplace Solution <3.8.12 - CSRF
CVSS 4.3
Details
Vulnerabilities
9,371
Exploit Likelihood
Medium