Weaknesses of type CWE-352

5,716 results
CVE-2024-36668MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=delEPSS 0.2%CVE-2022-41990HIGHWordPress 3D Tag Cloud Plugin <= 3.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-47082MEDIUMStrawberry GraphQL Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-46610HIGHARTEC EMA Mail 6.92 allows CSRF.EPSS 0.2%CVE-2024-36548MEDIUMidccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/vpsCompany_deal.php?mudi=delEPSS 0.2%CVE-2023-23750MEDIUM[20230101] - Core - CSRF within post-installation messagesEPSS 0.2%CVE-2024-24929MEDIUMWordPress WP Contact Form Plugin <= 1.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-48320MEDIUMCSRF in add-visual endpointEPSS 0.2%CVE-2024-8507HIGHFile Manager Pro <= 8.3.9 - Cross-Site Request Forgery to Arbitrary File UploadEPSS 0.2%CVE-2022-45847MEDIUMWordPress Countdown Widget plugin <= 3.1.9.1 - Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS)EPSS 0.2%CVE-2022-46798MEDIUMWordPress WooLentor Plugin <= 2.5.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-51678MEDIUMWordPress Doofinder for WooCommerce Plugin <= 2.0.33 is vulnerable to Broken Access ControlEPSS 0.2%CVE-2024-45987MEDIUMProjectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via voter.php. This vulnerability allows anEPSS 0.2%CVE-2022-41297MEDIUMIBM Db2U cross-site request forgeryEPSS 0.2%CVE-2023-37998MEDIUMWordPress Disabler Plugin <= 3.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-45850MEDIUMWordPress Image Map Pro premium plugin < 5.6.9 - Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS)EPSS 0.2%CVE-2024-28672MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/media_edit.php.EPSS 0.2%CVE-2024-13707HIGHWP Image Uploader <= 1.0.1 - Cross-Site Request Forgery to Arbitrary File DeletionEPSS 0.2%CVE-2022-38468MEDIUMWordPress NextGEN Gallery Plugin <= 3.28 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-23983MEDIUMWordPress Responsive Vertical Icon Menu Plugin <= 1.5.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%