Weaknesses of type CWE-352
5,688 resultsCVE-2021-36878MEDIUMWordPress uListing plugin <= 2.0.5 - Settings Update via Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.4%CVE-2022-42751HIGHCandidATS version 3.0.0 allows an external attacker to elevate privileges in the application. This is possible because the application suffeEPSS 0.4%CVE-2022-0515MEDIUMCross-Site Request Forgery (CSRF) in crater-invoice/craterEPSS 0.4%CVE-2022-4218MEDIUMChained Quiz <= 1.3.2.4 - Cross-Site Request Forgery to Arbitrary Quiz Deletion and CopyingEPSS 0.4%CVE-2022-37719HIGHA Cross-Site Request Forgery (CSRF) in the management portal of JetNexus/EdgeNexus ADC 4.2.8 allows attackers to escalate privileges and exeEPSS 0.4%CVE-2022-4021HIGHPermalink Manager Lite <= 2.2.20.1 - Cross-Site Request ForgeryEPSS 0.4%CVE-2021-24805—DW Question & Answer Pro <= 1.3.4 - Multiple CSRFEPSS 0.4%CVE-2024-4587MEDIUMDedeCMS tpl.php cross-site request forgeryEPSS 0.4%CVE-2024-4589MEDIUMDedeCMS mytag_edit.php cross-site request forgeryEPSS 0.4%CVE-2024-4586MEDIUMDedeCMS shops_delivery.php cross-site request forgeryEPSS 0.4%CVE-2018-0444—Cisco Packaged Contact Center Enterprise Cross-Site Scripting VulnerabilityEPSS 0.4%CVE-2022-3898HIGHWP Affiliate Platform <= 6.3.9 - Cross-Site Request ForgeryEPSS 0.4%CVE-2024-4590MEDIUMDedeCMS sys_info.php cross-site request forgeryEPSS 0.4%CVE-2024-21381MEDIUMMicrosoft Azure Active Directory B2C Spoofing VulnerabilityEPSS 0.4%CVE-2024-4588MEDIUMDedeCMS mytag_add.php cross-site request forgeryEPSS 0.4%CVE-2023-2407MEDIUMEvent Registration Calendar By vcita <= 1.3.1 & Online Payments – Get Paid with PayPal, Square & Stripe <= 3.10.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-3144MEDIUMDedeCMS makehtml_spec.php cross-site request forgeryEPSS 0.4%CVE-2024-4594MEDIUMDedeCMS sys_safe.php cross-site request forgeryEPSS 0.4%CVE-2024-3145MEDIUMDedeCMS makehtml_js_action.php cross-site request forgeryEPSS 0.4%CVE-2022-23044HIGHTiny File Manager version 2.4.8 allows an unauthenticated remote attacker to persuade users to perform unintended actions within the applicaEPSS 0.4%