Weaknesses of type CWE-352

5,738 results
CVE-2018-25177MEDIUMData Center Audit 2.6.2 Cross-Site Request Forgery via dca_resetpw.phpEPSS 0.1%CVE-2025-6054MEDIUMYANewsflash <= 1.0.3 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-25149HIGHWordPress Login-box plugin <= 2.0.4 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2018-25174MEDIUMABC ERP 0.6.4 Cross-Site Request Forgery via _configurar_perfil.phpEPSS 0.1%CVE-2025-1927HIGHCSRF in Restajet's Online Food Delivery SystemEPSS 0.1%CVE-2025-25147HIGHWordPress Auto SEO plugin <= 2.5.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-62687MEDIUMCross-site request forgery vulnerability exists in LogStare Collector. If a user views a crafted page while logged, unintended operations maEPSS 0.1%CVE-2026-1377MEDIUMimwptip <= 1.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-4194MEDIUMAlT Monitoring <= 1.0.3 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2026-1983MEDIUMSEATT: Simple Event Attendance <= 1.5.0 - Cross-Site Request Forgery to Arbitrary Event DeletionEPSS 0.1%CVE-2025-10376MEDIUMCourse Redirects for Learndash Plugin <= 0.4 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-59894HIGHCross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise ServerEPSS 0.1%CVE-2025-48284MEDIUMWordPress Japanized For WooCommerce plugin <= 2.6.40 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-54020MEDIUMWordPress AntiSpam for Contact Form 7 plugin <= 0.6.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-55046HIGHMuraCMS through 10.1.10 contains a CSRF vulnerability that allows attackers to permanently destroy all deleted content stored in the trash sEPSS 0.1%CVE-2026-1508MEDIUMCourt Reservation < 1.10.9 - Event Deletion via CSRFEPSS 0.1%CVE-2025-7842MEDIUMSilencesoft RSS Reader <= 0.6 - Cross-Site Request Forgery to RSS Feed DeletionEPSS 0.1%CVE-2026-8902MEDIUMAJAX Report Comments <= 2.0.4 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-9894MEDIUMSync Feedly <= 1.0.1 - Cross-Site Request Forgery to Sync TriggerEPSS 0.1%CVE-2026-1085MEDIUMTrue Ranker <= 2.2.9 - Cross-Site Request Forgery to Unauthorized True Ranker DisconnectionEPSS 0.1%