Weaknesses of type CWE-352
5,730 resultsCVE-2024-26153MEDIUMETIC Telecom Remote Access Server (RAS) Cross-Site Request ForgeryEPSS 0.2%CVE-2024-13795MEDIUMEcwid by Lightspeed Ecommerce Shopping Cart <= 6.12.27 - Cross-Site Request Forgery to Send Deactivation MessageEPSS 0.2%CVE-2025-56009MEDIUMCross site request forgery (CSRF) vulnerability in KeeneticOS before 4.3 at "/rci" API endpoint allows attackers to take over the device viaEPSS 0.2%CVE-2026-34384MEDIUMAdmidio: Missing CSRF Protection on Registration Approval ActionsEPSS 0.2%CVE-2025-48099MEDIUMWordPress Search & Filter plugin <= 1.2.17 - Cross Site Request Forgery (CSRF) to Open Redirect vulnerabilityEPSS 0.2%CVE-2025-23703HIGHWordPress Free MailClient FMC plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-48047MEDIUMWordPress Linked Variation for WooCommerce plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-39641MEDIUMWordPress Blackfyre theme <= 2.5.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-40035MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=add.EPSS 0.2%CVE-2025-23691HIGHWordPress Send to Twitter plugin <= 1.7.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23693HIGHWordPress Secure CAPTCHA plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-22301MEDIUMWordPress MyBookTable Bookstore by Stormhill Media plugin <= 3.5.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-43809MEDIUMCross-Site Request Forgery (CSRF) vulnerability in the server (license) registration page in Liferay Portal 7.4.0 through 7.4.3.111, and oldEPSS 0.2%CVE-2025-23712HIGHWordPress Kapost plugin <= 2.2.9 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23694HIGHWordPress Shabbos and Yom Tov plugin <= 1.9 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23710HIGHWordPress Flying Twitter Birds plugin <= 1.8 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23677HIGHWordPress HTTP to HTTPS link changer by Eyga.net plugin <= 0.2.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-32679MEDIUMWordPress User Registration Using Contact Form 7 plugin <= 2.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-22300MEDIUMWordPress PixelYourSite plugin <= 10.0.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-13405MEDIUMApptivo Business Site CRM <= 5.3 - Cross-Site Request Forgery to IP Address BlockEPSS 0.2%