Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 7225 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-46842 1 Wiselyhub 1 Js Help Desk 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in JS Help Desk plugin <= 2.7.1 versions.
CVE-2022-47149 1 Upress 1 Enable Accessibility 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Pretty Links plugin <= 3.4.0 versions.
CVE-2022-47154 1 Piwebsolution 1 Css Js Manager\, Async Javascript\, Defer Render Blocking Css Supports Woocommerce 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Pi Websolution CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce plugin <= 2.4.49 versions.
CVE-2022-47166 1 Voidcoders 1 Void Contact Form 7 Widget For Elementor Page Builder 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in voidCoders Void Contact Form 7 Widget For Elementor Page Builder plugin <= 2.1.1 versions.
CVE-2022-47179 1 Ujsoftware 1 Owm Weather 2023-11-07 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Uwe Jacobs OWM Weather plugin <= 5.6.11 leads to post duplication as a draft.
CVE-2022-47155 1 Supsystic 1 Slider 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Slider by Supsystic plugin <= 1.8.5 versions.
CVE-2022-47440 1 My Tickets Project 1 My Tickets 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Tickets plugin <= 1.9.10 versions.
CVE-2022-47147 1 Kesz1 1 Ipblocklist 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Kesz1 Technologies ipBlockList plugin <= 1.0 versions.
CVE-2022-46815 1 Wptrio 1 Conditional Shipping For Woocommerce 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 versions.
CVE-2022-46806 1 Villatheme 1 Cart All In One For Woocommerce 2023-11-07 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All In One For WooCommerce plugin <= 1.1.10 leading to cart modification.
CVE-2022-47162 1 Dh - Anti Adblocker Project 1 Dh - Anti Adblocker 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Dannie Herdyawan DH – Anti AdBlocker plugin <= 36 versions.
CVE-2022-46805 1 Wptrio 1 Conditional Shipping For Woocommerce 2023-11-07 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 leading to activation/deactivation of plugin rulesets.
CVE-2022-47395 1 Sewio 1 Real-time Location System Studio 2023-11-07 N/A 8.1 HIGH
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its monitor services. An attacker could take advantage of this vulnerability to execute arbitrary maintenance operations and cause a denial-of-service condition.
CVE-2022-47141 1 Seerox 1 Wp Dynamic Keywords Injector 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Seerox WP Dynamic Keywords Injector plugin <= 2.3.15 versions.
CVE-2022-47422 1 Hmplugin 1 Accept Stripe Donation - Aidwp 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in HM Plugin Accept Stripe Donation – AidWP plugin <= 3.1.5 versions.
CVE-2022-46867 1 Universal Star Rating Project 1 Universal Star Rating 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Chasil Universal Star Rating plugin <= 2.1.0 version.
CVE-2022-4013 1 Hospital Management Center Project 1 Hospital Management Center 2023-11-07 N/A 8.8 HIGH
A vulnerability classified as problematic was found in Hospital Management Center. Affected by this vulnerability is an unknown functionality of the file appointment.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-213787.
CVE-2022-47427 1 My Calendar Project 1 My Calendar 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.3.24.1 versions.
CVE-2022-46854 1 Obox 1 Launchpad - Coming Soon \& Maintenance Mode Plugin 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Obox Themes Launchpad – Coming Soon & Maintenance Mode plugin <= 1.0.13 versions.
CVE-2022-4125 1 Popup Manager Project 1 Popup Manager 2023-11-07 N/A 4.3 MEDIUM
The Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF check when creating/updating popups, and is missing sanitisation as well as escaping, which could allow unauthenticated attackers to create arbitrary popups and add Stored XSS payloads as well