Weaknesses of type CWE-352

5,717 results
CVE-2024-24843HIGHWordPress PowerPack Pro for Elementor Plugin < 2.10.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2026-42073MEDIUMOpenClaude's MCP OAuth Callback: State Check Bypass via error Param Leads to DoSEPSS 0.2%CVE-2025-5885MEDIUMKonica Minolta bizhub cross-site request forgeryEPSS 0.2%CVE-2026-6293MEDIUMInquiry form to posts or pages <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'inq_header' ParameterEPSS 0.2%CVE-2024-28430MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_edit.php.EPSS 0.2%CVE-2024-4344MEDIUMShield Security – Smart Bot Blocking & Intrusion Prevention Security <= 19.1.13 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-54356MEDIUMWordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-23597MEDIUMCross-site request forgery (CSRF) vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unEPSS 0.2%CVE-2024-5804MEDIUMConditional Fields for Contact Form 7 <= 2.4.13 - Cross-Site Request Forgery to Plugin Setting ResetEPSS 0.2%CVE-2022-50804MEDIUMJM-DATA ONU JF511-TV 1.0.67 Cross-Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2023-5982MEDIUMUpdraftPlus <= 1.23.10 - Cross-Site Request Forgery to Google Drive Storage UpdateEPSS 0.2%CVE-2024-8476MEDIUMEasy PayPal Events <= 1.2.1 - Cross-Site Request Forgery to Arbitrary Post DeletionEPSS 0.2%CVE-2024-2951MEDIUMWordPress RegistrationMagic plugin <= 5.3.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-55945MEDIUMCross-Site Request Forgery in DB Check Module in TYPO3EPSS 0.2%CVE-2023-35877HIGHWordPress Extra User Details Plugin <= 0.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-7834MEDIUMPHPGurukul Complaint Management System cross-site request forgeryEPSS 0.2%CVE-2023-34029MEDIUMWordPress Disable WordPress Update Notifications Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-24417MEDIUMWordPress Worthy – VG WORT Integration für WordPress Plugin <= 1.6.5-6497609 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-35044MEDIUMWordPress Securimage-WP Plugin <= 3.6.16 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-40198MEDIUMWordPress TeraWallet – For WooCommerce Plugin <= 1.3.24 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%