Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 8298 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-25449 1 Cformsii Project 1 Cformsii 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Oliver Seidel, Bastian Germann cformsII plugin <= 15.0.4 versions.
CVE-2023-25448 1 Archivist Project 1 Archivist 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Eric Teubert Archivist – Custom Archive Templates plugin <= 1.7.4 versions.
CVE-2023-25447 1 Inkthemes 1 Colorway 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Inkthemescom ColorWay theme <= 4.2.3 versions.
CVE-2023-25443 1 Wow-company 1 Button Generator 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button Builder plugin <= 2.3.5 versions.
CVE-2023-25201 1 Multitech 4 Conduit Ap Mtcap2-l4e1, Conduit Ap Mtcap2-l4e1-868-042a, Conduit Ap Mtcap2-l4e1-868-042a Firmware and 1 more 2024-11-21 N/A 8.8 HIGH
Cross Site Request Forgery (CSRF) vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload.
CVE-2023-25170 1 Prestashop 1 Prestashop 2024-11-21 N/A 5.0 MEDIUM
PrestaShop is an open source e-commerce web application that, prior to version 8.0.1, is vulnerable to cross-site request forgery (CSRF). When authenticating users, PrestaShop preserves session attributes. Because this does not clear CSRF tokens upon login, this might enable same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. The problem is fixed in version 8.0.1.
CVE-2023-25066 1 Foliovision 1 Fv Flowplayer Video Player 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.30.7212 versions.
CVE-2023-25065 1 Shapedplugin 1 Wp Tabs 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in ShapedPlugin WP Tabs – Responsive Tabs Plugin for WordPress plugin <= 2.1.14 versions.
CVE-2023-25056 1 Slickremix 1 Feed Them Social 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in SlickRemix Feed Them Social plugin <= 3.0.2 versions.
CVE-2023-25055 1 Digitalinspiration 1 Google Xml Sitemap For Videos 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Amit Agarwal Google XML Sitemap for Videos plugin <= 2.6.1 versions.
CVE-2023-25051 1 Comment Reply Notification Project 1 Comment Reply Notification 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Denishua Comment Reply Notification plugin <= 1.4 versions.
CVE-2023-25038 1 984.ru 1 For The Visually Impaired 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For the visually impaired plugin <= 0.58 versions.
CVE-2023-25036 1 Social Media Icons Widget Project 1 Social Media Icons Widget 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in akhlesh-nagar, a.Ankit Social Media Icons Widget plugin <= 1.6 versions.
CVE-2023-25034 1 Wp Clean Up Project 1 Wp Clean Up 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP Clean Up plugin <= 1.2.3 versions.
CVE-2023-25033 1 Sumo 1 Social Share Boost 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social Share Boost plugin <= 4.5 versions.
CVE-2023-25029 1 Wp Social Bookmarking Light Project 1 Wp Social Bookmarking Light 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in utahta WP Social Bookmarking Light plugin <= 2.0.7 versions.
CVE-2023-25025 1 Chetangole 1 Wp-copyprotect \[protect Your Blog Posts\] 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions.
CVE-2023-24920 1 Microsoft 1 Dynamics 365 2024-11-21 N/A 5.4 MEDIUM
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-24518 1 Pandorafms 1 Pandora Fms 2024-11-21 N/A 6.7 MEDIUM
A Cross-site Request Forgery (CSRF) vulnerability in Pandora FMS allows an attacker to force authenticated users to send a request to a web application they are currently authenticated against. This issue affects Pandora FMS version 767 and earlier versions on all platforms.
CVE-2023-24421 1 Wpengine 1 Php Compatibility Checker 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in WP Engine PHP Compatibility Checker plugin <= 1.5.2 versions.