Vulnerabilities (CVE)

Filtered by CWE-352
Total 5841 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-51528 2024-02-29 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Senol Sahin AI Power: Complete AI Pack – Powered by GPT-4.This issue affects AI Power: Complete AI Pack – Powered by GPT-4: from n/a through 1.8.12.
CVE-2024-25932 2024-02-29 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Manish Kumar Agarwal Change Table Prefix.This issue affects Change Table Prefix: from n/a through 2.0.
CVE-2024-24708 2024-02-29 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER.This issue affects W3SPEEDSTER: from n/a through 7.19.
CVE-2024-24701 2024-02-29 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Native Grid LLC A no-code page builder for beautiful performance-based content.This issue affects A no-code page builder for beautiful performance-based content: from n/a through 2.1.20.
CVE-2024-25982 2024-02-29 N/A 4.3 MEDIUM
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk.
CVE-2024-22287 1 Ludek 1 Better Anchor Links 2024-02-29 N/A 6.1 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Luděk Melichar Better Anchor Links allows Cross-Site Scripting (XSS).This issue affects Better Anchor Links: from n/a through 1.7.5.
CVE-2023-51535 1 Cleantalk 1 Spam Protection\, Antispam\, Firewall 2024-02-29 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in СleanTalk - Anti-Spam Protection Spam protection, Anti-Spam, FireWall by CleanTalk.This issue affects Spam protection, Anti-Spam, FireWall by CleanTalk: from n/a through 6.20.
CVE-2023-49853 1 Paytr 1 Paytr Taksit Tablosu - Woocommerce 2024-02-29 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in PayTR Ödeme ve Elektronik Para Kuruluşu A.Ş. PayTR Taksit Tablosu – WooCommerce.This issue affects PayTR Taksit Tablosu – WooCommerce: from n/a through 1.3.1.
CVE-2023-47243 1 Codemshop 1 Mshop My Site 2024-02-29 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in CodeMShop 코드엠샵 마이사이트 – MSHOP MY SITE.This issue affects 코드엠샵 마이사이트 – MSHOP MY SITE: from n/a through 1.1.6.
CVE-2023-34169 1 Sakura 1 Ts Webfonts For Sakura 2024-02-29 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin <= 3.1.2 versions.
CVE-2023-25987 1 Urosevic 1 My Youtube Channel 2024-02-29 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Aleksandar Urošević My YouTube Channel plugin <= 3.23.3 versions.
CVE-2023-50930 1 Savignano 1 S-notify 2024-02-28 N/A 7.1 HIGH
An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website. If executed while an administrator is logged on to Jira, an attacker could exploit this to modify the configuration of the S/Notify app on that host. This can, in particular, lead to email notifications being no longer encrypted when they should be.
CVE-2017-11455 2 Ivanti, Pulsesecure 3 Connect Secure, Pulse Connect Secure, Pulse Policy Secure 2024-02-27 6.8 MEDIUM 8.8 HIGH
diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through 8.1R10 and Pulse Policy Secure 5.3R1 through 5.3R5, 5.2R1 through 5.2R8, and 5.1R1 through 5.1R10 allow remote attackers to hijack the authentication of administrators for requests to start tcpdump, related to the lack of anti-CSRF tokens.
CVE-2024-24798 2024-02-22 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in SoniNow Team Debug.This issue affects Debug: from n/a through 1.10.
CVE-2024-25905 2024-02-22 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Mondula GmbH Multi Step Form.This issue affects Multi Step Form: from n/a through 1.7.18.
CVE-2024-24802 2024-02-22 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in John Tendik JTRT Responsive Tables.This issue affects JTRT Responsive Tables: from n/a through 4.1.9.
CVE-2024-24876 2024-02-22 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts Admin Menu Editor.This issue affects Admin Menu Editor: from n/a through 1.12.
CVE-2024-24872 2024-02-22 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Themify Themify Builder.This issue affects Themify Builder: from n/a through 7.0.5.
CVE-2024-24843 2024-02-22 N/A 7.1 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in PowerPack Addons for Elementor PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a before 2.10.8.
CVE-2024-24837 2024-02-22 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Frédéric GILLES FG PrestaShop to WooCommerce, Frédéric GILLES FG Drupal to WordPress, Frédéric GILLES FG Joomla to WordPress.This issue affects FG PrestaShop to WooCommerce: from n/a through 4.44.3; FG Drupal to WordPress: from n/a through 3.67.0; FG Joomla to WordPress: from n/a through 4.15.0.