Weaknesses of type CWE-352
5,714 resultsCVE-2024-28681MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/plus_edit.php.EPSS 0.2%CVE-2025-48740MEDIUMA Cross-Site Request Forgery (CSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5EPSS 0.2%CVE-2024-28670MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/freelist_main.php.EPSS 0.2%CVE-2024-10040MEDIUMInfinite-Scroll <= 2.6.2 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.2%CVE-2024-5616MEDIUMCSRF Vulnerability in mudler/LocalAIEPSS 0.2%CVE-2024-55088HIGHGetSimple CMS CE 3.3.19 is vulnerable to Server-Side Request Forgery (SSRF) in the backend plugin module.EPSS 0.2%CVE-2025-6865MEDIUMDaiCuo index cross-site request forgeryEPSS 0.2%CVE-2025-6664MEDIUMCodeAstro Patient Record Management System cross-site request forgeryEPSS 0.2%CVE-2024-54396MEDIUMWordPress Bet sport Free plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-5410MEDIUMMist Community Edition middleware.py session_start_response cross-site request forgeryEPSS 0.2%CVE-2023-51529MEDIUMWordPress HT Mega Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-51528MEDIUMWordPress GPT3 AI Content Writer Plugin <= 1.8.12 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-51696MEDIUMWordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.20 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-2893MEDIUMWP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_deactivate_productEPSS 0.2%CVE-2024-32440MEDIUMWordPress Asgaros Forum plugin <= 2.8.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32441MEDIUMWordPress Zoho Campaigns plugin <= 2.0.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-2895MEDIUMWP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_bulk_activate_productEPSS 0.2%CVE-2024-36667MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/idcProType_deal.php?mudi=add&nohrefStr=cEPSS 0.2%CVE-2024-30458MEDIUMWordPress FOX – Currency Switcher Professional for WooCommerce plugin <= 1.4.1.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-1213MEDIUMEasy Social Feed <= 6.5.4 - Cross-Site Request ForgeryEPSS 0.2%