Weaknesses of type CWE-352

5,729 results
CVE-2025-62245MEDIUMCross-site request forgery (CSRF) vulnerability in Liferay Portal 7.4.1 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023EPSS 0.2%CVE-2020-37144MEDIUMExagate Sysguard 6001 - Cross-Site Request Forgery (Add Admin)EPSS 0.2%CVE-2024-7386MEDIUMPremium Packages – Sell Digital Products Securely <= 5.9.1 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-27912HIGHAn issue was discovered in Datalust Seq before 2024.3.13545. Missing Content-Type validation can lead to CSRF when (1) Entra ID or OpenID CoEPSS 0.2%CVE-2018-25387MEDIUMHaPe PKH 1.1 Cross-Site Request Forgery via aksi_user.phpEPSS 0.2%CVE-2024-4499HIGHCSRF Vulnerability in parisneo/lollms XTTS ServerEPSS 0.2%CVE-2024-38789MEDIUMWordPress Telegram Bot & Channel plugin <= 3.8.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2020-37026MEDIUMSickbeard 0.1 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-34807MEDIUMWordPress Fast Custom Social Share by CodeBard plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31639MEDIUMWordPress Spare <= 1.7 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2026-27146HIGHGetSimple CMS: Cross-Site Request Forgery (CSRF) in File Upload Allows Arbitrary UploadsEPSS 0.2%CVE-2026-13944LOWInappropriate implementation in DataTransfer in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user tEPSS 0.2%CVE-2023-1604MEDIUMShort URL <= 1.6.8 - Cross-Site Request Forgery via configuration_pageEPSS 0.2%CVE-2024-38731MEDIUMWordPress i-amaze theme <= 1.3.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-38764MEDIUMWordPress i-transform theme <= 3.0.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-48191MEDIUMdingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=delAdmin&id=1EPSS 0.2%CVE-2019-25233MEDIUMAVE DOMINAplus 1.10.x Cross-Site Request Forgery and XSS VulnerabilitiesEPSS 0.2%CVE-2024-43336MEDIUMWordPress WP User Manager – User Profile Builder & Membership plugin <= 2.9.10 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-8319MEDIUMTourfic <= 2.11.20 - Cross-Site Request Forgery in Multiple FunctionsEPSS 0.2%CVE-2025-39512MEDIUMWordPress Bulk Term Editor plugin <= 1.1.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%