Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 7812 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45072 1 Wpml 1 Wpml 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress.
CVE-2022-45071 1 Wpml 1 Wpml 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in WPML Multilingual CMS premium plugin <= 4.5.13 on WordPress.
CVE-2022-45068 1 Mercadopago 1 Mercado Pago Payments For Woocommerce 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Mercado Pago Mercado Pago payments for WooCommerce plugin <= 6.3.1.
CVE-2022-45067 1 Devscred 1 Exclusive Addons For Elementor 2024-11-21 N/A 4.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in DevsCred Exclusive Addons Elementor plugin <= 2.6.1 versions.
CVE-2022-44741 1 Slidervilla 1 Testimonial Slider 2024-11-21 N/A 6.1 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) in David Anderson Testimonial Slider plugin <= 1.3.1 on WordPress.
CVE-2022-44740 1 Constantcontact 1 Creative Mail 2024-11-21 N/A 5.4 MEDIUM
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Creative Mail plugin <= 1.5.4 on WordPress.
CVE-2022-44739 1 Thingsforrestaurants 1 Quick Restaurant Reservations 2024-11-21 N/A 5.3 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in ThingsForRestaurants Quick Restaurant Reservations plugin <= 1.5.4 versions.
CVE-2022-44737 1 Tipsandtricks-hq 1 All In One Wp Security \& Firewall 2024-11-21 N/A 5.4 MEDIUM
Multiple Cross-Site Request Forgery vulnerabilities in All-In-One Security (AIOS) – Security and Firewall (WordPress plugin) <= 5.1.0 on WordPress.
CVE-2022-44627 1 Coleds 1 Simple Seo 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <= 1.8.12 on WordPress allows attackers to create or delete sitemaps.
CVE-2022-44585 1 Magneticlab 1 Homepage Pop-up 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Magneticlab Sàrl Homepage Pop-up plugin <= 1.2.5 versions.
CVE-2022-43710 1 Gxsoftware 1 Xperiencentral 2024-11-21 N/A 8.8 HIGH
Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of all input fields.
CVE-2022-43491 1 Algolplus 1 Advanced Dynamic Pricing For Woocommerce 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to plugin settings import.
CVE-2022-43490 1 Xwp 1 Stream 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in XWP Stream plugin <= 3.9.2 versions.
CVE-2022-43488 1 Algolplus 1 Advanced Dynamic Pricing For Woocommerce 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 on WordPress leading to rule type migration.
CVE-2022-43481 1 Rymera 1 Advanced Coupons 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Coupons for WooCommerce Coupons plugin <= 4.5 on WordPress leading to notice dismissal.
CVE-2022-43469 1 Orchestrated 1 Corona Virus \(covid-19\) Banner \& Live Data 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Orchestrated Corona Virus (COVID-19) Banner & Live Data plugin <= 1.7.0.6 versions.
CVE-2022-43459 1 Captainform 1 Captainform 2024-11-21 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Forms by CaptainForm – Form Builder for WordPress plugin <= 2.5.3 versions.
CVE-2022-42880 1 Auto Upload Images Project 1 Auto Upload Images 2024-11-21 N/A 6.1 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in Ali Irani Auto Upload Images plugin <= 3.3 versions allows Stored Cross-Site Scripting (XSS).
CVE-2022-42435 1 Ibm 1 Business Automation Workflow 2024-11-21 N/A 4.3 MEDIUM
IBM Business Automation Workflow 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, and 22.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 238054.
CVE-2022-41996 1 Theme-fusion 1 Avada 2024-11-21 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada premium theme versions <= 7.8.1 on WordPress leading to arbitrary plugin installation/activation.