Weaknesses of type CWE-352

5,715 results
CVE-2024-7420MEDIUMInsert PHP Code Snippet <= 1.3.6 - Cross-Site Request Forgery to Code Snippet Activate/Deactivate/DeletionEPSS 0.2%CVE-2024-55893MEDIUMTYPO3 Cross-Site Request Forgery in Log ModuleEPSS 0.2%CVE-2024-20421HIGHCisco ATA 190 Series Analog Telephone Adapter Firmware Cross-Site Request Forgery VulnerabilityEPSS 0.2%CVE-2024-22601HIGHFlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/scorerule_saveEPSS 0.2%CVE-2025-31828MEDIUMWordPress Easy!Appointments plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2024-32793MEDIUMWordPress Paid Memberships Pro plugin <= 2.12.10 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-41987HIGHCross-Site Request Forgery (CSRF) vulnerability in TEM Opera Plus FM Family TransmitterEPSS 0.2%CVE-2024-55894MEDIUMTYPO3 Cross-Site Request Forgery in Backend User ModuleEPSS 0.2%CVE-2023-47186MEDIUMWordPress Kadence WooCommerce Email Designer Plugin <= 1.5.11 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-7035MEDIUMCross-Site Request Forgery (CSRF) in open-webui/open-webuiEPSS 0.2%CVE-2024-1162MEDIUMOrbit Fox by ThemeIsle <= 2.10.29 - Cross-Site Request ForgeryEPSS 0.2%CVE-2023-5818MEDIUMAmazonify <= 0.8.1 - Cross-Site Request Forgery to Amazon Tracking ID UpdateEPSS 0.2%CVE-2023-51531MEDIUMWordPress Thrive Automator Plugin <= 1.17 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-23984MEDIUMWordPress Bubble Menu – circle floating menu Plugin <= 3.0.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-4454MEDIUMCross-Site Request Forgery (CSRF) in wallabag/wallabagEPSS 0.2%CVE-2022-45824MEDIUMWordPress Advanced Booking Calendar Plugin <= 1.7.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-47100HIGHA vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211EPSS 0.2%CVE-2022-35730MEDIUMWordPress Oceanwp sticky header plugin <= 1.0.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-36669MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=add.EPSS 0.2%CVE-2022-47372HIGHStored cross-site scripting vulnerability in create event sectionEPSS 0.2%