Weaknesses of type CWE-352
5,733 resultsCVE-2026-29784HIGHGhost: Incomplete CSRF protections around OTC useEPSS 0.2%CVE-2025-50044MEDIUMWordPress Real Estate Manager plugin <= 7.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-50586MEDIUMStudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).EPSS 0.2%CVE-2026-35096MEDIUMCross-Site Request Forgery (CSRF) in KTM System e-BOKEPSS 0.2%CVE-2025-8669MEDIUMCustomify <= 0.4.11 - Cross-Site Request ForgeryEPSS 0.2%CVE-2026-11784MEDIUMOptimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization <= 4.2.6 - Cross-Site Request Forgery via 'optml_replace_file' AJAX ActionEPSS 0.2%CVE-2024-53778HIGHWordPress Essential Breadcrumbs plugin <= 1.1.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-34611MEDIUMAVideo: CSRF on emailAllUsers.json.php Enables Mass Phishing Email to All UsersEPSS 0.2%CVE-2025-0610HIGHCSRF in Akinsoft's QR MenuEPSS 0.2%CVE-2025-0748MEDIUMHomey <= 2.4.3 - Cross-Site Request Forgery to User VerificationEPSS 0.2%CVE-2026-4133MEDIUMTextP2P Texting Widget <= 1.7 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2026-46955HIGHVulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Person). Supported versions that are affected arEPSS 0.2%CVE-2025-26593MEDIUMWordPress FastBook plugin <= 1.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-49220HIGHWordPress Cookie Scanner plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2018-25435MEDIUMZeusCart 4.0 Deactivate Customer Accounts CSRFEPSS 0.2%CVE-2026-1072MEDIUMKeybase.io Verification <= 1.4.5 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2024-49221HIGHWordPress cSlider plugin <= 2.4.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2020-37145MEDIUMHRSALE 1.1.8 - Cross-Site Request Forgery (Add Admin)EPSS 0.2%CVE-2025-23113LOWAn issue was discovered in REDCap 14.9.6. It has an action=myprojects&logout=1 CSRF issue in the alert-title while performing an upload of aEPSS 0.2%CVE-2024-37452MEDIUMWordPress Schema Lite theme <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%