Weaknesses of type CWE-352
5,677 resultsCVE-2022-0445—WordPress Real Cookie Banner < 2.14.2 - Settings Reset via CSRFEPSS 0.5%CVE-2024-6316HIGHGenerate PDF using Contact Form 7 <= 4.1.2 - Cross-Site Request Forgery to Arbitrary File UploadEPSS 0.5%CVE-2022-0681—Simple Membership < 4.1.0 - Arbitrary Transaction Deletion via CSRFEPSS 0.5%CVE-2021-24843—SupportCandy < 2.2.7 - Arbitrary Ticket Deletion via CSRFEPSS 0.5%CVE-2021-25098—Easy Pricing Tables < 3.1.3 - Arbitrary Post Removal via CSRFEPSS 0.5%CVE-2020-7336MEDIUMNetwork Security Management (NSM) - Cross Site Request Forgery vulnerabilityEPSS 0.5%CVE-2021-41275CRITICALAuthentication Bypass by CSRF WeaknessEPSS 0.5%CVE-2021-24636—Print My Blog < 3.4.2 - Plugin Deactivation via CSRFEPSS 0.5%CVE-2021-24641—Images to WebP < 1.9 - Multiple Cross Site Request Forgery (CSRF)EPSS 0.5%CVE-2020-29030HIGHInsufficient CSRF guardsEPSS 0.5%CVE-2022-2443HIGHFreeMind WP Browser <= 1.2 - Cross-Site Request Forgery to Cross-Site ScriptingEPSS 0.5%CVE-2021-39209HIGHBypassable CSRF protectionEPSS 0.5%CVE-2016-9456—Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The Revive Adserver team conducted a security audit of the admiEPSS 0.5%CVE-2022-1779—Auto Delete Posts <= 1.3.0 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2022-1791—One Click Plugin Updater <= 2.4.14 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2023-24447HIGHA cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attaEPSS 0.5%CVE-2023-24452HIGHA cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier allows attackers to connect to an atEPSS 0.5%CVE-2023-24437HIGHA cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers tEPSS 0.5%CVE-2022-2541HIGHuContext for Amazon <= 3.9.1 - Cross-Site Request Forgery to Cross-Site ScriptingEPSS 0.5%CVE-2023-24432HIGHA cross-site request forgery (CSRF) vulnerability in Jenkins Orka by MacStadium Plugin 1.31 and earlier allows attackers to connect to an atEPSS 0.5%