Weaknesses of type CWE-352

5,724 results
CVE-2024-10480MEDIUM3DPrint Lite < 2.1 - Settings Update via CSRFEPSS 0.2%CVE-2025-21513MEDIUMVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are EPSS 0.2%CVE-2024-49779MEDIUMIBM OpenPages cross-site request forgeryEPSS 0.2%CVE-2024-31205MEDIUMSaleor CSRF bypass in refreshToken mutationEPSS 0.2%CVE-2025-10317MEDIUMMultiple Cross-Site Request Forgery in Quick.CartEPSS 0.2%CVE-2024-51669MEDIUMWordPress Dynamic Widgets plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-49272MEDIUMWordPress Social Auto Poster plugin <= 5.3.15 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-50930HIGHAn issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings oEPSS 0.2%CVE-2025-1314MEDIUMCustom Twitter Feeds <= 2.2.5 - Cross-Site Request Forgery to Cache Reset via ctf_clear_cache_admin FunctionEPSS 0.2%CVE-2025-13179MEDIUMBdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System cross-site request forgeryEPSS 0.2%CVE-2024-53684HIGHA cross-site request forgery (csrf) vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crEPSS 0.2%CVE-2024-32863MEDIUMexacqVison - CSRF issues with Web ServiceEPSS 0.2%CVE-2018-25370MEDIUMAdmidio 3.3.5 Cross-Site Request Forgery via roles_function.phpEPSS 0.2%CVE-2024-1375MEDIUMEvent post <= 5.9.10 - Cross-Site Request ForgeryEPSS 0.2%CVE-2023-45763MEDIUMWordPress Taggbox Plugin <= 2.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-39020MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/vpsApiData_deal.php?mudi=rev&nohrefStr=cEPSS 0.2%CVE-2024-12555MEDIUMSIP Calculator <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-50132HIGHBudibase: Chat Identity Link Hijacking via Missing Consent & CSRF — Account Impersonation in BudibaseEPSS 0.2%CVE-2024-35039LOWidccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal.php?mudi=area.EPSS 0.2%CVE-2024-9943MEDIUMMultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution <= 4.2.4 - Cross-Site Request Forgery to Vendor UpdatesEPSS 0.2%