Weaknesses of type CWE-352
5,716 resultsCVE-2023-1924MEDIUMWP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_toolbar_save_settings_callback'EPSS 0.2%CVE-2023-44231MEDIUMWordPress Contact Form Plugin <= 2.0.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-27967MEDIUMWordPress DSGVO All in one for WP plugin <= 4.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31362MEDIUMWordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-1921MEDIUMWP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_start_cdn_integration_ajax_request_callback'EPSS 0.2%CVE-2023-1922MEDIUMWP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_pause_cdn_integration_ajax_request_callback'EPSS 0.2%CVE-2023-1927MEDIUMWP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'deleteCssAndJsCacheToolbar'EPSS 0.2%CVE-2024-13709MEDIUMLinear <= 2.8.1 - Cross-Site Request Forgery to Cache ResetEPSS 0.2%CVE-2023-44146MEDIUMWordPress Checkfront Online Booking System Plugin <= 3.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-46810MEDIUMWordPress Thank You Page Customizer for WooCommerce – Increase Your Sales Plugin <= 1.0.13 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-47144MEDIUMWordPress Mediamatic – Media Library Folders Plugin <= 2.8.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2026-38934HIGHCross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileEPSS 0.2%CVE-2024-35012MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=add&nohrefStr=cloEPSS 0.2%CVE-2021-47860HIGHGetSimple CMS Custom JS 0.1 - CSRF to XSS to RCEEPSS 0.2%CVE-2024-31998HIGHCSRF security issue on CSV import in Combodo iTopEPSS 0.2%CVE-2024-42476MEDIUMoauth CSRF vulnerabilityEPSS 0.2%CVE-2024-7817MEDIUMMisiek Photo Album <= 1.4.3 - Album Deletion via CSRFEPSS 0.2%CVE-2025-13790MEDIUMScada-LTS cross-site request forgeryEPSS 0.2%CVE-2024-54321MEDIUMWordPress Hive Support plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-27559MEDIUMStupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /save_settings.phpEPSS 0.2%