Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 5841 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-47141 1 Seerox 1 Wp Dynamic Keywords Injector 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Seerox WP Dynamic Keywords Injector plugin <= 2.3.15 versions.
CVE-2022-46867 1 Universal Star Rating Project 1 Universal Star Rating 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Chasil Universal Star Rating plugin <= 2.1.0 version.
CVE-2022-46862 1 Expresstech 1 Quiz And Survey Master 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.7 versions.
CVE-2022-46854 1 Obox 1 Launchpad - Coming Soon \& Maintenance Mode Plugin 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Obox Themes Launchpad – Coming Soon & Maintenance Mode plugin <= 1.0.13 versions.
CVE-2022-46842 1 Wiselyhub 1 Js Help Desk 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in JS Help Desk plugin <= 2.7.1 versions.
CVE-2022-46815 1 Wptrio 1 Conditional Shipping For Woocommerce 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 versions.
CVE-2022-46806 1 Villatheme 1 Cart All In One For Woocommerce 2023-11-07 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Cart All In One For WooCommerce plugin <= 1.1.10 leading to cart modification.
CVE-2022-46805 1 Wptrio 1 Conditional Shipping For Woocommerce 2023-11-07 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Lauri Karisola / WP Trio Conditional Shipping for WooCommerce plugin <= 2.3.1 leading to activation/deactivation of plugin rulesets.
CVE-2022-46798 1 Hasthemes 1 Woolentor - Woocommerce Elementor Addons \+ Builder 2023-11-07 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes ShopLentor plugin <= 2.5.1 leading to plugin settings change.
CVE-2022-46797 1 Tatvic 1 Conversios.io 2023-11-07 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Conversios All-in-one Google Analytics, Pixels and Product Feed Manager for WooCommerce plugin <= 5.2.3 leads to plugin settings change.
CVE-2022-46793 1 Adtribes 1 Product Feed Pro For Woocommerce 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in AdTribes.Io Product Feed PRO for WooCommerce plugin <= 12.4.4 versions.
CVE-2022-45824 1 Elbtide 1 Advanced Booking Calendar 2023-11-07 N/A 6.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Booking Calendar plugin <= 1.7.1 on WordPress.
CVE-2022-45807 1 Wpvibes 1 Wp Mail Log 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) in WPVibes WP Mail Log plugin <= 1.0.1 versions.
CVE-2022-45804 1 Robogallery 1 Robo Gallery 2023-11-07 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.9 leading to galleries hierarchy change, included plugin deactivate & activate.
CVE-2022-45149 2 Fedoraproject, Moodle 2 Fedora, Moodle 2023-11-07 N/A 5.4 MEDIUM
A vulnerability was found in Moodle which exists due to insufficient validation of the HTTP request origin in course redirect URL. A user's CSRF token was unnecessarily included in the URL when being redirected to a course they have just restored. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website. This flaw allows an attacker to perform cross-site request forgery attacks.
CVE-2022-45127 1 Sewio 1 Real-time Location System Studio 2023-11-07 N/A 8.1 HIGH
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition.
CVE-2022-45068 1 Mercadopago 1 Mercado Pago Payments For Woocommerce 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Mercado Pago Mercado Pago payments for WooCommerce plugin <= 6.3.1.
CVE-2022-45067 1 Devscred 1 Exclusive Addons For Elementor 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in DevsCred Exclusive Addons Elementor plugin <= 2.6.1 versions.
CVE-2022-44737 1 Tipsandtricks-hq 1 All In One Wp Security \& Firewall 2023-11-07 N/A 8.8 HIGH
Multiple Cross-Site Request Forgery vulnerabilities in All-In-One Security (AIOS) – Security and Firewall (WordPress plugin) <= 5.1.0 on WordPress.
CVE-2022-44585 1 Magneticlab 1 Homepage Pop-up 2023-11-07 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in Magneticlab Sàrl Homepage Pop-up plugin <= 1.2.5 versions.