Weaknesses of type CWE-352
5,733 resultsCVE-2026-8412LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/cacheEPSS 0.1%CVE-2026-8434LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescanMultiple()EPSS 0.1%CVE-2026-8414LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicateEPSS 0.1%CVE-2026-8432LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file star()EPSS 0.1%CVE-2019-25447MEDIUMOrientDB 3.0.17 Cross-Site Request ForgeryEPSS 0.1%CVE-2026-8413LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/designEPSS 0.1%CVE-2025-64262MEDIUMWordPress Auto Prune Posts plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-46251HIGHWordPress VikRestaurants Table Reservations and Take-Away plugin <= 1.3.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2019-25313MEDIUMFlexNet Publisher 11.12.1 - Cross-Site Request Forgery (Add Local Admin)EPSS 0.1%CVE-2025-62112MEDIUMWordPress Import into Easy Property Listings plugin <= 2.2.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-32816MEDIUMAdmidio has Missing CSRF Validation on Role Delete, Activate, and Deactivate ActionsEPSS 0.1%CVE-2025-24749HIGHWordPress EZPZ SAML SP Single Sign On (SSO) plugin <= 1.2.5 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-13143MEDIUMPoll, Survey & Quiz Maker Plugin by Opinion Stage <= 19.12.0 - Cross-Site Request Forgery to Account DisconnectionEPSS 0.1%CVE-2025-13924MEDIUMAdvanced Product Fields (Product Addons) for WooCommerce <= 1.6.17 - Cross-Site Request Forgery to Product Field Group Duplication and PublicationEPSS 0.1%CVE-2025-13629MEDIUMWP Landing Page <= 0.9.3 - Cross-Site Request Forgery to Arbitrary Post Meta UpdateEPSS 0.1%CVE-2025-13140MEDIUMSurveyJS: Drag & Drop WordPress Form Builder <= 1.12.20 - Cross-Site Request Forgery to Survey DeletionEPSS 0.1%CVE-2025-23978HIGHWordPress FlashCounter plugin <= 1.1.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-25166HIGHWordPress InLocation plugin <= 1.8 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-14162MEDIUMBMLT WordPress Plugin <= 3.11.4 - Cross-Site Request Forgery to Settings Creation and DeletionEPSS 0.1%CVE-2025-14062MEDIUMAnimated Pixel Marquee Creator <= 1.0.0 - Cross-Site Request Forgery via 'marquee' ParameterEPSS 0.1%