Weaknesses of type CWE-352
5,740 resultsCVE-2025-2863MEDIUMCross-site request forgery (CSRF) vulnerability in saTECH BCUEPSS 0.1%CVE-2025-49346HIGHWordPress Simple Archive Generator plugin <= 5.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-49343HIGHWordPress Social Profilr plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-57758HIGHWordPress Permalink Manager for WooCommerce plugin <= 1.0.8.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-49344HIGHWordPress SensitiveTagCloud plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-59131HIGHWordPress WP-CalDav2ICS plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-27632LOWTalishar Vulnerable to Cross-Site Request Forgery (CSRF)EPSS 0.1%CVE-2025-62346MEDIUMHCL Glovius Cloud is susceptible to a Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-68604MEDIUMWordPress WPGraphQL plugin <= 2.5.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31054HIGHWordPress Bloggie theme <= 2.0.8 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.1%CVE-2025-49028HIGHWordPress Zoho ZeptoMail plugin <= 3.3.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-58518MEDIUMCross-Site request forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - RedirectManager Extension allows Cross Site Request EPSS 0.1%CVE-2025-66629LOWHedgeDoc is missing state parameter in OAuth2 flows could lead to CSRFEPSS 0.1%CVE-2025-51733MEDIUMCross-Site Request Forgery (CSRF) vulnerability in HCL Technologies Ltd. Unica 12.0.0.EPSS 0.1%CVE-2025-31963LOWHCL BigFix IVR is impacted by improper authentication and missing CSRF protectionEPSS 0.1%CVE-2026-29084MEDIUMGokapi: CSRF in Login EndpointEPSS 0.1%CVE-2026-15747—Mojolicious versions from 4.59 before 9.48 for Perl expose a stable representation of the session CSRF token to a BREACH compression oracleEPSS —CVE-2026-61502MEDIUMRejetto HFS < 3.2.1 Cross-Site Request Forgery via GET RequestsEPSS —CVE-2026-58489MEDIUMHedgeDoc: CSRF in GitHub Gist export callbackEPSS —CVE-2026-58476HIGHSustainable Irrigation Platform 5.2.16 CSRF via Administrative GET RequestsEPSS —