Weaknesses of type CWE-352
5,689 resultsCVE-2024-24820HIGHIcinga Director configuration is susceptible to Cross-Site Request ForgeryEPSS 0.4%CVE-2021-4418MEDIUMCustom CSS, JS & PHP <= 2.0.7 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2020-36751MEDIUMCoupon Creator <= 3.1 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2022-43418MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Katalon Plugin 1.0.33 and earlier allows attackers to connect to an attacker-spEPSS 0.4%CVE-2020-36754MEDIUMPaid Memberships Pro <= 2.4.2 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2020-36758MEDIUMRSS Aggregator by Feedzy <= 3.4.2 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2020-36755MEDIUMCustomizr <= 4.3.0 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2021-3683MEDIUMCross-Site Request Forgery (CSRF) in star7th/showdocEPSS 0.4%CVE-2020-36759MEDIUMWoody code snippets <= 2.3.9 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2022-4220MEDIUMChained Quiz <= 1.3.2.4 - Cross-Site Request Forgery to Question DeletionEPSS 0.4%CVE-2020-36753MEDIUMHueman <= 3.6.3 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2022-4219MEDIUMChained Quiz <= 1.3.2.4 - Cross-Site Request Forgery to Submitted Response DeletionEPSS 0.4%CVE-2024-2821MEDIUMDedeCMS friendlink_edit.php cross-site request forgeryEPSS 0.4%CVE-2021-36890MEDIUMWordPress Social Share Buttons by Supsystic plugin <= 2.2.2 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.4%CVE-2025-25748HIGHA CSRF vulnerability in the gestione_utenti.php endpoint of HotelDruid 3.0.7 allows attackers to perform unauthorized actions (e.g., modifyiEPSS 0.4%CVE-2023-33409MEDIUMMinical 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF) via minical/public/application/controllers/settings/company.php.EPSS 0.4%CVE-2023-2416MEDIUMOnline Booking & Scheduling Calendar for WordPress by vcita <= 4.5 - Cross-Site Request Forgery to Account LogoutEPSS 0.4%CVE-2023-45670HIGHFrigate cross-site request forgery in `config_save` and `config_set` request handlersEPSS 0.4%CVE-2022-1830—Amazon Einzeltitellinks <= 1.3.3 - Arbitrary Settings Update to Stored XSS via CSRFEPSS 0.4%CVE-2021-44777MEDIUMWordPress Email Tracker plugin <= 5.2.6 - Cross-Site Request Forgery (CSRF) vulnerabilities leading to single or bulk e-mail entries deletionEPSS 0.4%