Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 8298 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38716 1 Stylemixthemes 1 Motors - Car Dealer\, Classifieds \& Listing 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing plugin <= 1.4.4 versions.
CVE-2022-38704 1 Clogica 1 Seo Redirection 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in SEO Redirection plugin <= 8.9 at WordPress, leading to deletion of 404 errors and redirection history.
CVE-2022-38660 1 Hcltech 1 Domino 2024-11-21 N/A 8.3 HIGH
HCL XPages applications are susceptible to a Cross Site Request Forgery (CSRF) vulnerability. An unauthenticated attacker could exploit this vulnerability to perform actions in the application on behalf of the logged in user.  
CVE-2022-38470 1 Cusrev 1 Customer Reviews For Woocommerce 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.
CVE-2022-38468 1 Imagely 1 Nextgen Gallery 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Imagely WordPress Gallery Plugin – NextGEN Gallery plugin <= 3.28 leading to thumbnail alteration.
CVE-2022-38454 1 Kraken 1 Kraken.io Image Optimizer 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Kraken.io Image Optimizer plugin <= 2.6.5 at WordPress.
CVE-2022-38359 1 Eyeofnetwork 1 Eyes Of Network Web 2024-11-21 N/A 8.8 HIGH
Cross-site request forgery attacks can be carried out against the Eyes of Network web application, due to an absence of adequate protections. An attacker can, for instance, delete the admin user by directing an authenticated user to the URL https://<target-address>/module/admin_user/index.php?DataTables_Table_0_length=10&user_selected%5B%5D=1&user_mgt_list=delete_user&action=submit by means of a crafted link.
CVE-2022-38356 1 Stylemixthemes 1 Pearl Header Builder 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes WordPress Header Builder Plugin – Pearl plugin <= 1.3.4 versions.
CVE-2022-38139 1 Rdstation 1 Rd Station 2024-11-21 N/A 5.4 MEDIUM
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in RD Station plugin <= 5.2.0 at WordPress.
CVE-2022-38137 1 Analytify 1 Analytify - Google Analytics Dashboard 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Analytify plugin <= 4.2.2 on WordPress.
CVE-2022-38095 1 Algolplus 1 Advanced Dynamic Pricing For Woocommerce 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in AlgolPlus Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 at WordPress.
CVE-2022-38093 1 Aioseo 1 All In One Seo 2024-11-21 N/A 5.4 MEDIUM
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in All in One SEO plugin <= 4.2.3.1 at WordPress.
CVE-2022-38086 1 Getshortcodes 1 Shortcodes Ultimate 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Shortcodes Ultimate plugin <= 5.12.0 at WordPress leading to plugin preset settings change.
CVE-2022-38085 1 Read More By Adam Project 1 Read More By Adam 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Read more By Adam plugin <= 1.1.8 at WordPress.
CVE-2022-38079 1 Backup Scheduler Project 1 Backup Scheduler 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability Backup Scheduler plugin <= 1.5.13 at WordPress.
CVE-2022-38077 1 Essentialplugin 1 Popup Anything 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in WP OnlineSupport, Essential Plugin Popup Anything – A Marketing Popup and Lead Generation Conversions plugin <= 2.2.1 versions.
CVE-2022-38075 1 Webartesanal 1 Mantenimiento Web 2024-11-21 N/A 6.1 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Mantenimiento web plugin <= 0.13 on WordPress.
CVE-2022-38063 1 Social Login Wp Project 1 Social Login Wp 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Social Login WP plugin <= 5.0.0.0 versions.
CVE-2022-38062 1 Metagauss 1 Download Theme 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Theme plugin <= 1.0.9 versions.
CVE-2022-38059 1 Access Code Feeder Project 1 Access Code Feeder 2024-11-21 N/A 5.5 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Alexey Trofimov's Access Code Feeder plugin <= 1.0.3 at WordPress.