CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,371 vulnerabilities with CWE-352
CVE-2021-47730
HIGH
Selea Targa IP OCR-ANPR Camera - CSRF
CVSS 8.8
CVE-2021-47723
HIGH
STVS ProVision 5.9.10 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-47702
MEDIUM
OpenBMCS 2.4 - Cross-Site Request Forgery via sendFeedback.php Endpoint
CVSS 4.3
CVE-2021-27704
MEDIUM
Appspace 6.2.4 - Incorrect Access Control via Password Reset Page
CVSS 6.5
CVE-2021-27701
MEDIUM
SOCIFI Socifi Guest wifi - Cross-Site Request Forgery via Socifi wifi portal
CVSS 4.7
CVE-2021-45785
MEDIUM
TruDesk Help Desk/Ticketing Solution v1.1.11 - CSRF
CVSS 6.5
CVE-2021-28656
MEDIUM
Apache Zeppelin < 0.9.0 - Cross-Site Request Forgery in Credential Page
CVSS 5.4
CVE-2021-29050
HIGH
Liferay Portal < 7.3.6 and DXP 7.2 < 7.2.10.fp11 - Cross-Site Request Forgery in Terms of Use Page
CVSS 8.8
CVE-2021-25117
MEDIUM
WP-PostRatings <1.86.1 - Info Disclosure
CVSS 4.8
CVE-2021-24870
MEDIUM
WP Fastest Cache < 0.9.5 - CSRF & Stored XSS via wpfc_save_cdn_integration
CVSS 6.1
CVE-2021-4418
MEDIUM
Custom CSS, JS & PHP < 2.0.7 - Cross-Site Request Forgery via save() Function
CVSS 4.3
CVE-2021-4427
MEDIUM
Vuukle Comments, Reactions, Share Bar, Revenue <= 3.4.31 - Cross-Site Request Forgery via Missing Nonce Validation
CVSS 4.3
CVE-2021-4426
MEDIUM
Absolute Reviews <= 1.0.8 - Cross-Site Request Forgery via metabox_review_save()
CVSS 4.3
CVE-2021-4425
MEDIUM
Defender Security < 2.4.6 - Cross-Site Request Forgery via verify_otp_login_time() Function
CVSS 4.3
CVE-2021-4424
MEDIUM
Slider Hero < 8.2.0 - Cross-Site Request Forgery via qc_slider_hero_duplicate() Function
CVSS 4.3
CVE-2021-4423
MEDIUM
RAYS Grid <= 1.2.2 - Cross-Site Request Forgery via rsgd_insert_update() Function
CVSS 4.3
CVE-2021-4422
MEDIUM
Post SMTP < 2.0.20 - Cross-Site Request Forgery via CSV Export Function
CVSS 4.3
CVE-2021-4421
MEDIUM
Advanced Popups <= 1.1.1 - Cross-Site Request Forgery via metabox_popup_save()
CVSS 4.3
CVE-2021-4420
MEDIUM
Sell Media <= 2.5.5 - Cross-Site Request Forgery via sell_media_process() Function
CVSS 4.3
CVE-2021-4419
MEDIUM
WP-Backgrounds Lite <= 2.3 - Cross-Site Request Forgery via ino_save_data() Function
CVSS 4.3
CVE-2021-4417
MEDIUM
Forminator < 1.13.5 - Cross-Site Request Forgery via Export Schedule Function
CVSS 5.4
CVE-2021-4416
MEDIUM
wp-mpdf <= 3.5.1 - Cross-Site Request Forgery via mpdf_admin_savepost() Function
CVSS 4.3
CVE-2021-4415
MEDIUM
Sunshine Photo Cart <= 2.8.28 - Cross-Site Request Forgery via sunshine_products_quicksave_post()
CVSS 4.3
CVE-2021-4414
MEDIUM
Abandoned Cart Lite for WooCommerce <= 5.8.5 - Cross-Site Request Forgery via wcal_preview_emails() Function
CVSS 4.3
CVE-2021-4413
MEDIUM
Process Steps Template Designer <= 1.2.1 - Cross-Site Request Forgery via Missing Nonce Validation
CVSS 4.3
Details
Vulnerabilities
9,371
Exploit Likelihood
Medium