CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,371 vulnerabilities with CWE-352
CVE-2022-25608
MEDIUM
Yoo Slider < 2.0.0 - Cross-Site Request Forgery Leading to Slider Duplicate or Delete
CVSS 5.4
CVE-2022-23349
HIGH
BigAnt Server 5.6.06 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-0681
MEDIUM
Simple Membership < 4.1.0 - Cross-Site Request Forgery via Transaction Deletion
CVSS 6.5
CVE-2022-0616
MEDIUM
Amelia < 1.0.47 - Cross-Site Request Forgery via Customer Deletion
CVSS 4.3
CVE-2022-0515
MEDIUM
GitHub crater-invoice/crater <6.0.4 - CSRF
CVSS 4.3
CVE-2022-0229
HIGH
miniOrange's Google Authenticator WordPress <5.5 - CSRF
CVSS 8.1
CVE-2022-24235
HIGH
Snapt Aria 12.8 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-27226
HIGH
iRZ Mobile Router Firmware < 2022-03-16 - Cross-Site Request Forgery via Crontab API
CVSS 8.8
CVE-2022-27214
MEDIUM
Jenkins Release Helper Plugin < 1.3.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-27210
MEDIUM
Jenkins Kubernetes Continuous Deploy Plugin < 2.3.1 - Cross-Site Request Forgery
CVSS 6.5
CVE-2022-27204
HIGH
Jenkins Extended Choice Parameter < 346.vd87693c5a_86c - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-27198
HIGH
Jenkins CloudBees AWS Credentials Plugin < 189.v3551d5642995 - Cross-Site Request Forgery
CVSS 8.0
CVE-2022-22348
LOW
IBM Spectrum Protect Operations Center <8.1.13 - SSRF
CVSS 2.4
CVE-2022-22346
HIGH
IBM Spectrum Protect Operations Center <8.1.14 - CSRF
CVSS 8.8
CVE-2022-25600
MEDIUM
Weplugins WP Maps < 4.2.4 - CSRF
CVSS 5.4
CVE-2022-0445
MEDIUM
WordPress Real Cookie Banner <2.14.2 - CSRF
CVSS 6.5
CVE-2022-0439
HIGH
Email Subscribers & Newsletters <5.3.2 - SQL Injection
CVSS 8.8
CVE-2022-23052
MEDIUM
Petereport - Cross-Site Request Forgery
CVSS 6.5
CVE-2022-24712
MEDIUM
CodeIgniter 4.0.0-4.1.8 - Cross-Site Request Forgery Protection Bypass
CVSS 6.3
CVE-2022-0345
MEDIUM
Customize WordPress Emails and Alerts <1.8.7 - CSRF
CVSS 4.3
CVE-2022-0328
MEDIUM
Simple Membership < 4.0.9 - Cross-Site Request Forgery via Bulk Member Deletion
CVSS 4.7
CVE-2022-24342
HIGH
JetBrains TeamCity <2021.2.1 - CSRF
CVSS 8.8
CVE-2022-24947
HIGH
Apache JSPWiki < 2.11.2 - Cross-Site Request Forgery in User Preferences Form
CVSS 8.8
CVE-2022-21179
MEDIUM
EC-CUBE Mail Magazine Management Plugin 1.0.0-1.0.4 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-25599
MEDIUM
Spiffy Calendar <= 4.9.0 - Cross-Site Request Forgery via Event Deletion
CVSS 5.4
Details
Vulnerabilities
9,371
Exploit Likelihood
Medium