CWE-352 CVEs and Security Vulnerabilities

Filtered by CWE-352

Search

Switch to Advanced Search (Beta)

Total 8545 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-40953	1 Idreamsoft	1 Icms	2024-11-21	8.8 High
icms 7.0.16 is vulnerable to Cross Site Request Forgery (CSRF).
CVE-2023-40868	1 Moosocial	1 Moosocial	2024-11-21	8.8 High
Cross Site Request Forgery vulnerability in mooSocial MooSocial Software v.Demo allows a remote attacker to execute arbitrary code via the Delete Account and Deactivate functions.
CVE-2023-40671	1 Daxiawp	1 Dx-auto-save-images	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in 大侠wp DX-auto-save-images plugin <= 1.4.0 versions.
CVE-2023-40607	1 Cluevo	1 Learning Management System	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in CLUEVO CLUEVO LMS, E-Learning Platform plugin <= 1.10.0 versions.
CVE-2023-40572	1 Xwiki	1 Xwiki	2024-11-21	9.1 Critical
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The create action is vulnerable to a CSRF attack, allowing script and thus remote code execution when targeting a user with script/programming right, thus compromising the confidentiality, integrity and availability of the whole XWiki installation. When a user with script right views this image and a log message `ERROR foo - Script executed!` appears in the log, the XWiki installation is vulnerable. This has been patched in XWiki 14.10.9 and 15.4RC1 by requiring a CSRF token for the actual page creation.
CVE-2023-40561	1 Multidots	1 Enhanced Ecommerce Google Analytics For Woocommerce	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Enhanced Ecommerce Google Analytics for WooCommerce plugin <= 3.7.1 versions.
CVE-2023-40559	1 Multidots	1 Dynamic Pricing And Discount Rules For Woocommerce	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Dynamic Pricing and Discount Rules for WooCommerce plugin <= 2.4.0 versions.
CVE-2023-40558	1 Emarketdesign	1 Youtube Video Gallery	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in eMarket Design YouTube Video Gallery by YouTube Showcase plugin <= 3.3.5 versions.
CVE-2023-40556	1 Toolstack	1 Schedule Posts Calendar	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Greg Ross Schedule Posts Calendar plugin <= 5.2 versions.
CVE-2023-40351	1 Jenkins	1 Favorite View	2024-11-21	4.3 Medium
A cross-site request forgery (CSRF) vulnerability in Jenkins Favorite View Plugin 5.v77a_37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar.
CVE-2023-40341	2 Jenkins, Redhat	2 Blue Ocean, Ocp Tools	2024-11-21	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.
CVE-2023-40337	2 Jenkins, Redhat	2 Folders, Ocp Tools	2024-11-21	4.3 Medium
A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy a view inside a folder.
CVE-2023-40336	2 Jenkins, Redhat	2 Folders, Ocp Tools	2024-11-21	8.8 High
A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders.
CVE-2023-40335	1 Cyberws	1 Cleverwise Daily Quotes	2024-11-21	7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Jeremy O'Connell Cleverwise Daily Quotes allows Stored XSS.This issue affects Cleverwise Daily Quotes: from n/a through 3.2.
CVE-2023-40212	1 Multidots	1 Product Attachment For Woocommerce	2024-11-21	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Product Attachment for WooCommerce plugin <= 2.1.8 versions.
CVE-2023-40210	1 Sean-barton	1 Sb Child List	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Sean Barton (Tortoise IT) SB Child List plugin <= 4.5 versions.
CVE-2023-40202	1 Codemiq	1 Wp Html Mail	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Hannes Etzelstorfer // codemiq WP HTML Mail plugin <= 3.4.1 versions.
CVE-2023-40201	1 Futuriowp	1 Futurio Extra	2024-11-21	6.5 Medium
Cross-Site Request Forgery (CSRF) vulnerability in FuturioWP Futurio Extra plugin <= 1.8.4 versions leads to activation of arbitrary plugin.
CVE-2023-40199	1 Crudlab	1 Wp Like Button	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in CRUDLab WP Like Button plugin <= 1.7.0 versions.
CVE-2023-40198	1 Antsanchez	1 Easy Cookie Law	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Antsanchez Easy Cookie Law plugin <= 3.1 versions.

« first previous Page 289 of 428. next last »