CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,372 vulnerabilities with CWE-352
CVE-2021-43156
MEDIUM
ProjectWorlds Online Book Store PHP 1.0 - CSRF
CVSS 6.5
CVE-2021-24981
HIGH
Directorist < 7.0.6.2 - Cross-Site Request Forgery to Remote File Upload
CVSS 7.5
CVE-2021-43846
MEDIUM
Solidus_frontend <3.1.5-2.11.14 - CSRF
CVSS 5.3
CVE-2021-36887
MEDIUM
tarteaucitron.js < 1.5.4 - Cross-Site Request Forgery via tarteaucitronEmail and tarteaucitronPass Parameters
CVSS 6.1
CVE-2021-4131
HIGH
live_helper_chat < 2.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-4130
HIGH
snipe-it < 5.3.6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-26800
MEDIUM
phpgurukul user management system in php using stored procedure V1.0 - Cross-Site Request Forgery in Change-password.php
CVSS 6.5
CVE-2021-41260
HIGH
Galette < 0.9.6 - Cross-Site Request Forgery
CVSS 8.2
CVE-2021-4123
MEDIUM
livehelperchat < 2.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-45017
HIGH
catfish-cms < 6.3.0 - Cross-Site Request Forgery via Menu URL Parameter
CVSS 8.8
CVE-2021-44942
MEDIUM
glFusion CMS 1.7.9 - Cross-Site Request Forgery in Blacklist Plugin
CVSS 4.3
CVE-2021-24945
HIGH
LikeBtn WordPress <2.6.38 - Info Disclosure
CVSS 8.0
CVE-2021-24922
CRITICAL
Pixel Cat WordPress Plugin < 2.6.2 - Cross-Site Request Forgery and Stored Cross-Site Scripting
CVSS 9.0
CVE-2021-24836
MEDIUM
Temporary Login Without Password < 1.7.1 - Authenticated Missing Authorization in Settings Update
CVSS 4.3
CVE-2021-24818
MEDIUM
WP Limits < 1.0 - Cross-Site Request Forgery in Settings Save
CVSS 4.3
CVE-2021-24795
MEDIUM
Filter Portfolio Gallery <1.5 - CSRF
CVSS 6.5
CVE-2021-24790
MEDIUM
Contact Form Advanced Database <1.0.8 - CSRF
CVSS 4.3
CVE-2021-24784
MEDIUM
WP Admin Logo Changer < 1.0 - Cross-Site Request Forgery via Settings Update
CVSS 6.5
CVE-2021-24780
MEDIUM
Single Post Exporter < 1.1.1 - Cross-Site Request Forgery in Settings Save
CVSS 4.3
CVE-2021-4092
MEDIUM
Yetiforce CRM < 6.3.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-4082
MEDIUM
pimcore < 10.2.6 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-4033
MEDIUM
Kimai2 < 1.16.7 - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-4049
MEDIUM
live_helper_chat < 2.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-31631
HIGH
b2evolution CMS 7.2.3 - Cross-Site Request Forgery via User Login Page
CVSS 8.8
CVE-2021-35242
HIGH
SolarWinds Serv-U < 15.2.5 - Cross-Site Request Forgery via Session Token
CVSS 8.3
Details
Vulnerabilities
9,372
Exploit Likelihood
Medium