Weaknesses of type CWE-352

5,688 results

CVE-2022-41245HIGHA cross-site request forgery (CSRF) vulnerability in Jenkins Worksoft Execution Manager Plugin 10.0.3.503 and earlier allows attackers to coEPSS 0.4%CVE-2024-27631MEDIUMCross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via siteadmin/usergEPSS 0.4%CVE-2021-37201—A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1). The web interface of affected devices is vulnerable to a Cross-SEPSS 0.4%CVE-2021-41295HIGHECOA BAS controller - Cross-Site Request Forgery (CSRF)EPSS 0.4%CVE-2023-26841MEDIUMA cross-site request forgery (CSRF) vulnerability in ChurchCRM v4.5.3 allows attackers to change any user's password except for the user thaEPSS 0.4%CVE-2022-23983MEDIUMWordPress WP Content Copy Protection & No Right Click plugin <= 3.4.4 - Cross-Site Request Forgery (CSRF) leads to Settings Update vulnerabilityEPSS 0.4%CVE-2022-29453MEDIUMWordPress API KEY for Google Maps plugin <= 1.2.1 - CSRF vulnerability leading to Google Maps API key updateEPSS 0.4%CVE-2024-0880MEDIUMQidianbang qdbcrm Password Reset cross-site request forgeryEPSS 0.4%CVE-2024-2560MEDIUMTenda AC18 SysToolRestoreSet fromSysToolRestoreSet cross-site request forgeryEPSS 0.4%CVE-2023-7092MEDIUMUniway UW-302VP Admin Web Interface wlan_basic_set.cgi cross-site request forgeryEPSS 0.4%CVE-2022-29437MEDIUMWordPress Image Slider by NextCode plugin <= 1.1.2 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilitiesEPSS 0.4%CVE-2022-43340HIGHA Cross-Site Request Forgery (CSRF) in dzzoffice 2.02.1_SC_UTF8 allows attackers to arbitrarily create user accounts and grant AdministratorEPSS 0.4%CVE-2022-23765HIGHIPTIME NAS family CSRF vulnerabilityEPSS 0.4%CVE-2021-24349—Gallery From Files <= 1.6.0 - Reflected Cross-Site Scripting (XSS)EPSS 0.4%CVE-2022-1573—HTML2WP <= 1.0.0 - Arbitrary Settings Update via CSRFEPSS 0.4%CVE-2022-1653—Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRFEPSS 0.4%CVE-2022-1844—WP Sentry <= 1.0 - Arbitrary Settings Update to Stored XSS via CSRFEPSS 0.4%CVE-2021-24477—Migrate Users <= 1.0.1 - CSRF to Stored Cross-Site Scripting (XSS)EPSS 0.4%CVE-2022-1594—HC Custom WP-Admin URL <= 1.4 - Arbitrary Settings Update via CSRFEPSS 0.4%CVE-2021-24536—Custom Login Redirect <= 1.0.0 - CSRF to Stored XSSEPSS 0.4%

← previouspage 34 / 285next →