CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,372 vulnerabilities with CWE-352
CVE-2021-44312
HIGH
Firmware Analysis and Comparison Tool - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-24978
MEDIUM
OSMapper WordPress <2.1.5 - Info Disclosure
CVSS 5.3
CVE-2021-46426
MEDIUM
phpipam 1.4.4 - Cross-Site Request Forgery and Reflected Cross-Site Scripting via Subnets Functionality
CVSS 6.1
CVE-2021-43737
MEDIUM
xiaohuanxiong_cms 5.0.17 - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-43738
HIGH
xiaohuanxiong_cms 5.0.17 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-40662
HIGH
Chamilo LMS 1.11.14 - Cross-Site Request Forgery leading to Remote Code Execution
CVSS 8.8
CVE-2021-24905
HIGH
Advanced Contact form 7 DB <1.8.7 - CSRF
CVSS 8.0
CVE-2021-45886
HIGH
PONTON X/P Messenger <3.11.2 - CSRF
CVSS 8.8
CVE-2021-25098
MEDIUM
Pricing Tables WordPress Plugin < 3.1.3 - Cross-Site Request Forgery via Post Removal
CVSS 6.5
CVE-2021-44321
MEDIUM
Mini-Inventory-and-Sales-Management-System - Cross-Site Request Forgery
CVSS 5.0
CVE-2021-25081
MEDIUM
WP Google Map < 1.8.4 - Cross-Site Request Forgery via AJAX Actions
CVSS 6.5
CVE-2021-25011
MEDIUM
WP Google Map < 1.8.1 - Authenticated Missing Authorization and CSRF in AJAX Actions
CVSS 5.7
CVE-2021-25010
CRITICAL
Post Snippets WP <3.1.4 - CSRF & XSS
CVSS 9.6
CVE-2021-24913
MEDIUM
Logo Showcase with Slick Slider WordPress plugin <2.0.1 - CSRF
CVSS 4.3
CVE-2021-24823
HIGH
Support Board < 3.3.6 - Cross-Site Request Forgery via include/ajax.php
CVSS 8.1
CVE-2021-24803
HIGH
Core Tweaks WP Setup < 4.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-24730
MEDIUM
Logo Showcase with Slick Slider WordPress plugin <1.2.5 - CSRF
CVSS 4.3
CVE-2021-24704
HIGH
Orange Form WordPress <1.0 - SQL Injection
CVSS 8.8
CVE-2021-24688
MEDIUM
Orange Form WordPress <1.0.1 - CSRF
CVSS 4.3
CVE-2021-4030
HIGH
Zyxel ARMOR Z1/Z2 Firmware - Cross-Site Request Forgery
CVSS 8.0
CVE-2021-45007
MEDIUM
Plesk 18.0.37 - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-46252
MEDIUM
Scratch Wiki scratch-confirmaccount-v3 - CSRF
CVSS 6.5
CVE-2021-43941
MEDIUM
Atlassian Jira Server/Data Center <8.13.15 & <8.14.0-8.20.3 - CSRF
CVSS 6.5
CVE-2021-43953
MEDIUM
Atlassian Jira Server/Data Center <8.13.16 & 8.14.0-8.20.5 - CSRF
CVSS 4.3
CVE-2021-43952
MEDIUM
Atlassian Jira Server/Data Center <8.21.0 - CSRF
CVSS 4.3
Details
Vulnerabilities
9,372
Exploit Likelihood
Medium