Weaknesses of type CWE-352
5,714 resultsCVE-2024-4086MEDIUMCM Tooltip Glossary – Powerful Glossary Plugin <= 4.2.11 - Cross-Site Request ForgeryEPSS 0.3%CVE-2024-32549HIGHWordPress Related Posts for WordPress plugin <= 4.0.3 - CSRF to XSS vulnerabilityEPSS 0.3%CVE-2024-32785HIGHWordPress The Pack Elementor addons plugin <= 2.0.8.3 - Cross Site Request Forgery (CSRF) to XSS vulnerabilityEPSS 0.3%CVE-2024-7568CRITICALFavicon Generator <= 1.5 - Cross-Site Request Forgery to Arbitrary File DeletionEPSS 0.3%CVE-2024-38345HIGHA cross-site request forgery vulnerability exists in Sola Testimonials versions prior to 3.0.0. If this vulnerability is exploited, an attacEPSS 0.3%CVE-2023-51681MEDIUMWordPress Duplicator Plugin <= 1.5.7 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2022-29454LOWWordPress Better Messages plugin <= 1.9.9.148 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2024-55924HIGHCross-Site Request Forgery in Scheduler Module in TYPO3EPSS 0.3%CVE-2024-29499HIGHAnchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via /anchor/admin/users/delete/2.EPSS 0.3%CVE-2024-54372CRITICALWordPress Insertify plugin <= 1.1.4 - CSRF to Remote Code Execution vulnerabilityEPSS 0.3%CVE-2022-3149MEDIUMWP Custom Cursors < 3.0.1 - Stored Cross-Site Scripting via CSRFEPSS 0.3%CVE-2024-0892MEDIUMSchema App Structured Data <= 2.2.0 - Cross-Site Request ForgeryEPSS 0.3%CVE-2025-2832MEDIUMmingyuefusu 明月复苏 tushuguanlixitong 图书管理系统 cross-site request forgeryEPSS 0.3%CVE-2024-34557MEDIUMWordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.5.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2023-0831MEDIUMUnder Construction <= 3.96 - Cross-Site Request Forgery via admin_action_ucp_dismiss_noticeEPSS 0.3%CVE-2024-4689MEDIUMWordPress ShortPixel Adaptive Images plugin <= 3.8.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2023-48751MEDIUMWordPress Participants Database Plugin <= 2.5.5 is vulnerable to Broken Access ControlEPSS 0.3%CVE-2024-54851HIGHTeedy <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF), due to the lack of CSRF protection.EPSS 0.3%CVE-2023-47024HIGHCross-Site Request Forgery (CSRF) in NCR Terminal Handler v.1.5.1 leads to a one-click account takeover. This is achieved by exploiting multEPSS 0.3%CVE-2024-24708MEDIUMWordPress W3SPEEDSTER Plugin <= 7.19 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%