CWE-352
Cross-Site Request Forgery (CSRF)
Medium likelihood
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,371 vulnerabilities with CWE-352
CVE-2022-0215
HIGH
XootiX Login/Signup Popup <= 2.2, Side Cart Woocommerce <= 2.0, Waitlist Woocommerce <= 2.5.1 - CSRF via save_settings
CVSS 8.8
CVE-2022-0154
HIGH
GitLab <14.4.5, <14.5.3, <14.6.2 - CSRF
CVSS 7.5
CVE-2022-0245
MEDIUM
GitHub livehelperchat/livehelperchat <2.0 - CSRF
CVSS 4.3
CVE-2022-0180
HIGH
Quiz And Survey Master <7.3.7 - CSRF
CVSS 8.8
CVE-2022-0238
MEDIUM
phoronix_test_suite < 10.8.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-0226
MEDIUM
live_helper_chat < 2.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-0231
MEDIUM
live_helper_chat < 3.91 and remdex/livehelperchat < 3.92 - Cross-Site Request Forgery
CVSS 6.5
CVE-2022-0197
HIGH
phoronix_test_suite < 10.8.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-0196
HIGH
phoronix_test_suite < 10.8.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-23115
MEDIUM
Jenkins batch task < 1.19 - Cross-Site Request Forgery
CVSS 5.4
CVE-2022-23111
MEDIUM
Jenkins Publish Over SSH Plugin < 1.22 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-20619
HIGH
Jenkins Bitbucket Branch Source Plugin <737.vdf9dc06105be - CSRF
CVSS 7.1
CVE-2022-20613
MEDIUM
Jenkins Mailer Plugin <391.ve4a_38c1b_cf4b - CSRF
CVSS 4.3
CVE-2022-20612
MEDIUM
Jenkins < 2.319.1 and 2.320-2.329 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-47976
HIGH
TextPattern CMS 4.9.0-dev Authenticated Remote Code Execution via Plugin Upload
CVSS 8.8
CVE-2021-47953
MEDIUM
OpenCart 3.0.3.7 Cross-Site Request Forgery via account/password
CVSS 4.3
CVE-2021-47946
MEDIUM
OpenCart 3.0.36 Account Takeover via Cross Site Request Forgery
CVSS 5.3
CVE-2021-35486
HIGH
Nokia IMPACT <= 19.11.2.10-20210118042150283 - Cross-Site Request Forgery via Unvalidated CSRF-NONCE
CVSS 8.1
CVE-2021-47860
MEDIUM
GetSimple CMS Custom JS Plugin 0.1 - CSRF leading to XSS and RCE
CVSS 5.3
CVE-2021-47830
MEDIUM
GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF
CVSS 6.5
CVE-2021-47820
MEDIUM
Ubee EVW327 - Cross-Site Request Forgery to Enable Remote Access
CVSS 5.3
CVE-2021-47800
MEDIUM
b2evolution 7.2.2 - Cross-Site Request Forgery in Admin Account Details
CVSS 5.3
CVE-2021-47754
MEDIUM
Arunna 1.0.0 - Cross-Site Request Forgery via Profile Settings Form
CVSS 6.5
CVE-2021-41074
MEDIUM
QloApps hotel eCommerce 1.5.1 - CSRF
CVSS 5.4
CVE-2021-47722
LOW
Zucchetti Axess CLOKI Access Control 1.64 - CSRF
CVSS 3.5
Details
Vulnerabilities: 9,371
Exploit Likelihood: Medium