Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 7225 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-45268 1 Hitsteps 1 Hitsteps Web Analytics 2023-10-18 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Hitsteps Hitsteps Web Analytics plugin <= 5.86 versions.
CVE-2023-45276 1 Automatededitor 1 Automated Editor 2023-10-18 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in automatededitor.Com Automated Editor plugin <= 1.3 versions.
CVE-2023-45270 1 Pinpoint 1 Pinpoint Booking System 2023-10-18 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System plugin <= 2.9.9.4.0 versions.
CVE-2023-43148 1 Spa-cart 1 Spa-cart 2023-10-18 N/A 8.1 HIGH
SPA-Cart 1.9.0.3 has a Cross Site Request Forgery (CSRF) vulnerability that allows a remote attacker to delete all accounts.
CVE-2020-26516 1 Intland 1 Codebeamer 2023-10-18 6.8 MEDIUM 8.8 HIGH
A CSRF issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. Requests sent to the server that trigger actions do not contain a CSRF token and can therefore be entirely predicted allowing attackers to cause the victim's browser to execute undesired actions in the web application through crafted requests.
CVE-2023-43147 1 Phpjabbers 1 Limo Booking Software 2023-10-18 N/A 8.8 HIGH
PHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery (CSRF) to add an admin user via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI.
CVE-2023-45109 1 Myback.link 1 Whitepage 2023-10-18 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in ZAKSTAN WhitePage plugin <= 1.1.5 versions.
CVE-2022-47372 1 Pandorafms 1 Pandora Fms 2023-10-18 N/A 5.4 MEDIUM
Stored cross-site scripting vulnerability in the Create event section in Pandora FMS Console v766 and lower. An attacker typically exploits this vulnerability by injecting XSS payloads on popular pages of a site or passing a link to a victim, tricking them into viewing the page that contains the stored XSS payload.
CVE-2023-45063 1 Rayhan1 1 Ai Content Writing Assistant 2023-10-17 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in ReCorp AI Content Writing Assistant (Content Writer, GPT 3 & 4, ChatGPT, Image Generator) All in One plugin <= 1.1.5 versions.
CVE-2023-45060 1 Fla-shop 1 Interactive World Map 2023-10-17 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Fla-shop.Com Interactive World Map plugin <= 3.2.0 versions.
CVE-2023-45058 1 Kaizencoders 1 Short Url 2023-10-17 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in KaizenCoders Short URL plugin <= 1.6.8 versions.
CVE-2023-45052 1 Dan009 1 Wp Bing Map Pro 2023-10-17 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in dan009 WP Bing Map Pro plugin < 5.0 versions.
CVE-2023-45048 1 Repuso 1 Repuso 2023-10-17 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Repuso Social proof testimonials and reviews by Repuso plugin <= 5.00 versions.
CVE-2023-45011 1 Websivu 1 Wp Power Stats 2023-10-17 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Igor Buyanov WP Power Stats plugin <= 2.2.3 versions.
CVE-2023-44998 1 Randyhoyt 1 Category Meta 2023-10-17 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in josecoelho, Randy Hoyt, steveclarkcouk, Vitaliy Kukin, Eric Le Bail, Tom Ransom Category Meta plugin plugin <= 1.2.8 versions.
CVE-2023-45108 1 Mailrelay 1 Mailrelay 2023-10-17 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Mailrelay plugin <= 2.1.1 versions.
CVE-2023-45107 1 Goodbarber 1 Goodbarber 2023-10-17 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in GoodBarber plugin <= 1.0.22 versions.
CVE-2023-44997 1 Nitinrathod 1 Wp Forms Puzzle Captcha 2023-10-16 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Nitin Rathod WP Forms Puzzle Captcha plugin <= 4.1 versions.
CVE-2023-25989 1 Mekshq 10 Meks Audio Player, Meks Easy Ads Widget, Meks Easy Maps and 7 more 2023-10-16 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading to dismiss or the popup.
CVE-2023-45103 1 Yasglobalizer 1 Permalinks Customizer 2023-10-16 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Permalinks Customizer plugin <= 2.8.2 versions.