CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,371 vulnerabilities with CWE-352
CVE-2022-1895
MEDIUM
underConstruction < 1.20 - Cross-Site Request Forgery in Construction Mode Deactivation
CVSS 4.3
CVE-2022-1832
MEDIUM
CaPa Protect < 0.5.8.2 - Cross-Site Request Forgery in Settings Update
CVSS 6.5
CVE-2022-1831
MEDIUM
WPlite < 1.3.1 - Cross-Site Request Forgery in Settings Update
CVSS 6.5
CVE-2022-1830
MEDIUM
Amazon Einzeltitellinks < 1.3.3 - Cross-Site Request Forgery and Stored Cross-Site Scripting via Settings Update
CVSS 6.5
CVE-2022-1829
MEDIUM
Inline Google Maps < 5.11 - Cross-Site Request Forgery and Stored Cross-Site Scripting
CVSS 6.5
CVE-2022-1828
MEDIUM
PDF24 Articles To PDF < 4.2.2 - Cross-Site Request Forgery in Settings Update
CVSS 6.5
CVE-2022-1827
MEDIUM
PDF24 Article To PDF WordPress Plugin < 4.2.2 - Cross-Site Request Forgery in Settings Update
CVSS 6.5
CVE-2022-1826
MEDIUM
Cross-Linker < 3.0.1.9 - Cross-Site Request Forgery in Cross-Link Creation
CVSS 6.5
CVE-2022-1818
MEDIUM
Multi-page Toolkit < 2.6 - Cross-Site Request Forgery and Stored Cross-Site Scripting via Settings Update
CVSS 5.4
CVE-2022-1630
MEDIUM
WP-EMail < 2.69.0 - Cross-Site Request Forgery via Log Deletion
CVSS 6.5
CVE-2022-1610
MEDIUM
Seamless Donations < 5.1.9 - Cross-Site Request Forgery in Settings Update
CVSS 6.5
CVE-2022-1603
MEDIUM
Mail Subscribe List < 2.1.4 - Cross-Site Request Forgery via User Deletion
CVSS 4.3
CVE-2022-30328
MEDIUM
TRENDnet TEW-831DR 1.0 601.130.1.1356 - Unauthenticated Credential Change via Web Interface
CVSS 6.5
CVE-2022-30327
MEDIUM
TRENDnet TEW-831DR 1.0 601.130.1.1356 - Cross-Site Request Forgery
CVSS 6.5
CVE-2022-26173
HIGH
JForum 2.8.0 - Cross-Site Request Forgery via Admin Account Addition
CVSS 8.8
CVE-2022-31294
MEDIUM
Online Discussion Forum Site 1 - Info Disclosure
CVSS 6.5
CVE-2022-29450
MEDIUM
Admin Management Xtended < 2.4.4 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-29453
MEDIUM
API KEY for Google Maps <= 1.2.1 - Cross-Site Request Forgery Leading to API Key Update
CVSS 5.4
CVE-2022-29441
MEDIUM
Private Messages For WordPress <= 2.1.10 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-29439
MEDIUM
Image Slider by NextCode <= 1.1.2 - Cross-Site Request Forgery via Slide Deletion
CVSS 5.4
CVE-2022-29437
MEDIUM
Image Slider by NextCode <= 1.1.2 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-30930
MEDIUM
Tourism Management System <3.2 - CSRF
CVSS 4.3
CVE-2022-30931
MEDIUM
Employee Leaves Management System (ELMS) V 2.1 - CSRF
CVSS 6.5
CVE-2022-1969
HIGH
WordPress Mobile Browser Color Select Plugin <=1.0.1 - CSRF
CVSS 8.8
CVE-2022-1749
HIGH
WPMK Ajax Finder < 1.0.1 - Cross-Site Request Forgery via createplugin_atf_admin_setting_page()
CVSS 8.8
Details
Vulnerabilities
9,371
Exploit Likelihood
Medium