CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,374 vulnerabilities with CWE-352
CVE-2021-34358
MEDIUM
QmailAgent < 3.0.2 - Cross-Site Request Forgery
CVSS 6.8
CVE-2021-39198
MEDIUM
Oroinc Client Relationship Management < 3.1.24 - CSRF
CVSS 4.2
CVE-2021-44036
HIGH
Team Password Manager < 10.135.236 - Cross-Site Request Forgery during Import
CVSS 8.8
CVE-2021-39353
HIGH
Easy Registration Forms <= 2.1.1 - Cross-Site Request Forgery via ajax_add_form Function
CVSS 8.8
CVE-2021-3963
MEDIUM
Kimai2 < 1.16.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-3957
MEDIUM
Kimai2 < 1.16.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-3976
MEDIUM
Kimai2 < 1.16.2 - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-36908
HIGH
WP Reset PRO < 5.98 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-41275
CRITICAL
spree_auth_devise < 4.0.1, 4.3.0-4.4.1 - Cross-Site Request Forgery
CVSS 9.3
CVE-2021-41274
CRITICAL
solidus_auth_devise 1.0.0-2.5.3 - Cross-Site Request Forgery
CVSS 9.3
CVE-2021-41273
MEDIUM
Pterodactyl Panel < 1.6.6 - Cross-Site Request Forgery via Test Email and Auto-Deployment Token Endpoints
CVSS 4.3
CVE-2021-24853
MEDIUM
QR Redirector < 1.6 - Authenticated Improper Access Control via qr_save_bulk AJAX Action
CVSS 4.3
CVE-2021-24852
MEDIUM
MouseWheel Smooth Scroll <5.7 - CSRF
CVSS 6.5
CVE-2021-24804
HIGH
Simple JWT Login WordPress <3.2.1 - Privilege Escalation
CVSS 8.8
CVE-2021-24802
MEDIUM
Colorful Categories WP <2.0.15 - CSRF
CVSS 6.5
CVE-2021-24776
MEDIUM
WP Performance Score Booster <2.1 - CSRF
CVSS 4.3
CVE-2021-25965
HIGH
calibre-web 0.6.0-0.6.13 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-25976
HIGH
PiranhaCMS 4.0.0-alpha1-9.2.0 - Cross-Site Request Forgery
CVSS 8.1
CVE-2021-3776
MEDIUM
showdoc < 2.9.12 and >= 0 < 2.9.13 - Cross-Site Request Forgery
CVSS 5.4
CVE-2021-3775
MEDIUM
showdoc < 2.9.12 - Cross-Site Request Forgery
CVSS 5.4
CVE-2021-3683
MEDIUM
showdoc < 2.9.12 - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-3932
MEDIUM
twill < 2.5.2 and < 1.2.5 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-3931
MEDIUM
snipe-it < 5.3.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-3921
MEDIUM
firefly-iii < 5.6.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-41426
HIGH
Beeline Smart Box Firmware 2.0.38 - Cross-Site Request Forgery via mgt_end_user.htm
CVSS 8.8
Details
Vulnerabilities
9,374
Exploit Likelihood
Medium