Filtered by CWE-352
Total 6248 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-25706 1 Pagup 1 Better Robots.txt 2024-08-02 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Pagup WordPress Robots.Txt optimization plugin <= 1.4.5 versions.
CVE-2023-23671 1 Web-settler 1 Layer Slider 2024-08-02 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Muneeb Layer Slider plugin <= 1.1.9.7 versions.
CVE-2023-23787 1 Premmerce 1 Redirect Manager 2024-08-02 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Premmerce Premmerce Redirect Manager plugin <= 1.0.9 versions.
CVE-2023-23897 1 Ozette 1 Simple Mobile Url Redirect 2024-08-02 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Ozette Plugins Simple Mobile URL Redirect plugin <= 1.7.2 versions.
CVE-2023-23802 1 Hasthemes 1 Ht Easy Ga4 \(google Analytics 4\) 2024-08-02 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in HasThemes HT Easy GA4 ( Google Analytics 4 ) plugin <= 1.0.6 versions.
CVE-2023-25034 1 Wp Clean Up Project 1 Wp Clean Up 2024-08-02 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP Clean Up plugin <= 1.2.3 versions.
CVE-2023-24008 1 Wpmaspik 1 Maspik 2024-08-02 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in yonifre Maspik – Spam Blacklist plugin <= 0.7.8 versions.
CVE-2023-25474 1 About Me 3000 Widget Project 1 About Me 3000 Widget 2024-08-02 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Csaba Kissi About Me 3000 widget plugin <= 2.2.6 versions.
CVE-2023-25481 1 Podlove 1 Podlove Subscribe Button 2024-08-02 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Subscribe button plugin <= 1.3.7 versions.
CVE-2023-22709 1 Srs Simple Hits Counter Project 1 Srs Simple Hits Counter 2024-08-02 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Atif N SRS Simple Hits Counter plugin <= 1.1.0 versions.
CVE-2023-25968 1 Cozmoslabs 1 Client Portal 2024-08-02 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs, Madalin Ungureanu, Antohe Cristian Client Portal – Private user pages and login plugin <= 1.1.8 versions.
CVE-2023-24419 1 Strategy11 1 Formidable Form Builder 2024-08-02 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Form Builder Team Formidable Forms plugin <= 5.5.6 versions.
CVE-2023-24388 1 Wpdevart 1 Booking Calendar 2024-08-02 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete).
CVE-2023-31200 1 Ptc 1 Vuforia Studio 2024-08-02 5.7 Medium
PTC Vuforia Studio does not require a token; this could allow an attacker with local access to perform a cross-site request forgery attack or a replay attack.
CVE-2023-31089 1 Webternsolutions 1 Video Xml Sitemap Generator 2024-08-02 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Tradebooster Video XML Sitemap Generator.This issue affects Video XML Sitemap Generator: from n/a through 1.0.0.
CVE-2023-31075 1 Ciphercoin 1 Easy Hide Login 2024-08-02 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Arshid Easy Hide Login.This issue affects Easy Hide Login: from n/a through 1.0.8.
CVE-2023-31061 1 Repetier-server 1 Repetier-server 2024-08-02 8.8 High
Repetier Server through 1.4.10 does not have CSRF protection.
CVE-2023-30901 1 Siemens 2 Q200, Q200 Firmware 2024-08-02 4.3 Medium
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60). The web interface of the affected devices are vulnerable to Cross-Site Request Forgery attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.
CVE-2023-30616 1 Epiph 1 Form Block 2024-08-02 6.5 Medium
Form block is a wordpress plugin designed to make form creation easier. Versions prior to 1.0.2 are subject to a Cross-Site Request Forgery due to a missing nonce check. There is potential for a Cross Site Request Forgery for all form blocks, since it allows to send requests to the forms from any website without a user noticing. Users are advised to upgrade to version 1.0.2. There are no known workarounds for this vulnerability.
CVE-2023-30525 1 Jenkins 1 Report Portal 2024-08-02 8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins Report Portal Plugin 0.5 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified bearer token authentication.