CWE-352
9,384 CVEs • Abstraction: Compound • Likelihood of Exploit: Medium
Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
CVEs (9,384)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Cross-Site Request Forgery (CSRF) vulnerability in josecoelho, Randy Hoyt, steveclarkcouk, Vitaliy Kukin, Eric Le Bail, Tom Ransom Category Meta plugin plugin <= 1.2.8 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in LeadSquared, Inc LeadSquared Suite plugin <= 0.7.4 versions. |
1I13websolution 1Thumbnail Slider With Lightbox Jun 17, 2026 Oct 12, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the delete functionality....Show more |
1Nitinrathod 1Wp Forms Puzzle Captcha Jun 17, 2026 Oct 11, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Nitin Rathod WP Forms Puzzle Captcha plugin <= 4.1 versions. |
Cross-Site Request Forgery (CSRF) in GitHub repository snipe/snipe-it prior to v.6.2.3. |
Cross-Site Request Forgery (CSRF) vulnerability in Naresh Parmar Post View Count plugin <= 1.8.2 versions. |
1Wpdoctor 1Woocommerce Login Redirect Jun 17, 2026 Oct 10, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in WP Doctor WooCommerce Login Redirect plugin <= 2.2.4 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in Bainternet ShortCodes UI plugin <= 1.9.8 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in Andres Felipe Perea V. CopyRightPro plugin <= 2.1 versions. |
1Add Shortcodes Actions And Filters Project 1Add Shortcodes Actions And Filters Jun 17, 2026 Oct 10, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Michael Simpson Add Shortcodes Actions And Filters plugin <= 2.0.9 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in Bernhard Kau Backend Localization plugin <= 2.1.10 versions. |
1Kvvaradha 1Kv Tinymce Editor Add Fonts Jun 17, 2026 Oct 10, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Kvvaradha Kv TinyMCE Editor Add Fonts plugin <= 1.1 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in Keap Keap Landing Pages plugin <= 1.4.2 versions. |
Cross-Site Request Forgery (CSRF) in GitHub repository chiefonboarding/chiefonboarding prior to v2.0.47. |
SmodBIP is vulnerable to Cross-Site Request Forgery, that could be used to induce logged in users to perform unintended actions, including creation of additional accounts with administrative privileges. This issue affec...Show more |
Cross-Site Request Forgery (CSRF) vulnerability in Dinesh Karki Block Plugin Update plugin <= 3.3 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in Mediavine Mediavine Control Panel plugin <= 2.10.2 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in Hometory Mang Board WP plugin <= 1.7.6 versions. |
1Wp Gallery Metabox Project 1Wp Gallery Metabox Jun 17, 2026 Oct 10, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Hardik Kalathiya WP Gallery Metabox plugin <= 1.0.0 versions. |
1Tychesoftwares 1Order Delivery Date For Woocommerce Jun 17, 2026 Oct 10, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <= 1.2 versions. |