Weaknesses of type CWE-352

5,719 results
CVE-2024-24884MEDIUMWordPress Contact Form 7 Connector Plugin <= 1.2.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-32107MEDIUMWordPress Finale Lite plugin <= 2.18.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-40556MEDIUMWordPress Schedule Posts Calendar Plugin <= 5.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45643MEDIUMWordPress CPT Shortcode Generator Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45606MEDIUMWordPress Simple URLs Plugin <= 120 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45268MEDIUMWordPress Hitsteps Web Analytics Plugin <= 5.86 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-47169MEDIUMWordPress Visibility Logic for Elementor Plugin <= 2.3.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-46085MEDIUMWordPress Wp Ultimate Review Plugin <= 2.2.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-46089MEDIUMWordPress Userback Plugin <= 1.0.13 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-25914MEDIUMWordPress SMTP Mail Plugin <= 1.3.20 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-40607MEDIUMWordPress CLUEVO LMS, E-Learning Platform Plugin <= 1.10.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-33650MEDIUMWordPress Serious Slider plugin <= 1.2.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-5802MEDIUMWordPress WP Knowledgebase Plugin <= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45106MEDIUMWordPress Urvanov Syntax Highlighter Plugin <= 2.8.33 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-8489HIGHCSRF due to overly permissive CORS headers in modelscope/agentscopeEPSS 0.2%CVE-2024-3083HIGHA “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrativeEPSS 0.2%CVE-2024-43338MEDIUMWordPress Crowdsignal Polls & Ratings plugin <= 3.1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-22136MEDIUMWordPress Droit Elementor Addons Plugin <= 3.1.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-30493MEDIUMWordPress Church Admin plugin <= 4.1.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-25904MEDIUMWordPress TinyMCE Professional Formats and Styles Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%