Weaknesses of type CWE-352
5,716 resultsCVE-2024-36547MEDIUMidccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=addEPSS 0.2%CVE-2022-43470HIGHCross-site request forgery (CSRF) vulnerability in +F FS040U software versions v2.3.4 and earlier, +F FS020W software versions v4.0.0 and eaEPSS 0.2%CVE-2024-7688MEDIUMAZIndex <= 0.8.1 - Index Deletion via CSRFEPSS 0.2%CVE-2025-13790MEDIUMScada-LTS cross-site request forgeryEPSS 0.2%CVE-2024-7817MEDIUMMisiek Photo Album <= 1.4.3 - Album Deletion via CSRFEPSS 0.2%CVE-2020-36886MEDIUMSpinetiX Fusion Digital Signage 3.4.8 Cross-Site Request Forgery via User CreationEPSS 0.2%CVE-2024-36550MEDIUMidccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=add&nohrefStr=closeEPSS 0.2%CVE-2024-54321MEDIUMWordPress Hive Support plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-6451MEDIUMCMS für Motorrad Werkstätten <= 1.0.0 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-0516MEDIUMRoyal Elementor Addons and Templates <= 1.3.87 - Missing Authorization via wpr_update_form_action_metaEPSS 0.2%CVE-2024-1407MEDIUMPaid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery to Membership ModificationEPSS 0.2%CVE-2024-13356MEDIUMDSGVO All in one for WP <= 4.6 - Cross-Site Request Forgery to Account DeletionEPSS 0.2%CVE-2024-46085HIGHFrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/renameEPSS 0.2%CVE-2024-3943MEDIUMWP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_addcommentEPSS 0.2%CVE-2024-0512MEDIUMRoyal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via add_to_wishlistEPSS 0.2%CVE-2025-47886MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Cadence vManager Plugin 4.0.1-286.v9e25a_740b_a_48 and earlier allows attackersEPSS 0.2%CVE-2024-3947MEDIUMWP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_settingsEPSS 0.2%CVE-2020-36900HIGHAll-Dynamics Digital Signage System 2.0.2 Cross-Site Request Forgery via User ManagementEPSS 0.2%CVE-2024-31430MEDIUMCross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR and WOLF WordPress pluginsEPSS 0.2%CVE-2026-6109MEDIUMFoundationAgents MetaGPT Mineflayer HTTP API index.js evaluateCode cross-site request forgeryEPSS 0.2%