Weaknesses of type CWE-352
5,677 resultsCVE-2023-24437HIGHA cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers tEPSS 0.5%CVE-2022-3057MEDIUMInappropriate implementation in iframe Sandbox in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to leak cross-origin data vEPSS 0.5%CVE-2020-23585HIGHA remote attacker can conduct a cross-site request forgery (CSRF) attack on OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: EPSS 0.5%CVE-2022-1424—Ask Me < 6.8.2 - Multiple CSRF in AJAX ActionsEPSS 0.5%CVE-2022-1827—PDF24 Article To PDF <= 4.2.2 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2022-1790—New User Email Set Up <= 0.5.2 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2022-1624—Latest Tweets Widget <= 1.1.4 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2022-1407—VikBooking Hotel Booking Engine & PMS < 1.5.7 - Stored Cross-Site Scripting via CSRFEPSS 0.5%CVE-2022-1832—CaPa Protect <= 0.5.8.2 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2022-1608—OnePress Social Locker <= 5.6.2 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2022-1829—Inline Google Maps <= 5.11 - Arbitrary Settings Update to Stored XSS via CSRFEPSS 0.5%CVE-2022-1610—Seamless Donations < 5.1.9 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2022-1694—Useful Banner Manager <= 1.6.1 - Modify banners via CSRFEPSS 0.5%CVE-2022-1605—Email Users <= 4.8.8 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2022-1630—WP-Email < 2.69.0 - Log Deletion via CSRFEPSS 0.5%CVE-2022-1422—Discy < 5.2 - Restore Default Settings via CSRFEPSS 0.5%CVE-2022-1828—PDF24 Articles To PDF <= 4.2.2 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2022-1612—Webriti SMTP Mail <= 1.0 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2022-1826—Cross-Linker <= 3.0.1.9 - Arbitrary Cross-Link Creation via CSRFEPSS 0.5%CVE-2021-3900MEDIUMCross-Site Request Forgery (CSRF) in firefly-iii/firefly-iiiEPSS 0.5%