Weaknesses of type CWE-352
5,689 resultsCVE-2024-10448MEDIUMcode-projects Blood Bank Management System delete.php cross-site request forgeryEPSS 0.4%CVE-2023-36237HIGHCross Site Request Forgery vulnerability in Bagisto before v.1.5.1 allows an attacker to execute arbitrary code via a crafted HTML script.EPSS 0.4%CVE-2022-1830—Amazon Einzeltitellinks <= 1.3.3 - Arbitrary Settings Update to Stored XSS via CSRFEPSS 0.4%CVE-2021-44777MEDIUMWordPress Email Tracker plugin <= 5.2.6 - Cross-Site Request Forgery (CSRF) vulnerabilities leading to single or bulk e-mail entries deletionEPSS 0.4%CVE-2022-29412MEDIUMWordPress Hermit 音乐播放器 plugin <= 3.1.6 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilitiesEPSS 0.4%CVE-2021-41083HIGHCSRF Vulnerability in dada-mail 11.15.1 and belowEPSS 0.4%CVE-2023-6022HIGHCross-Site Request Forgery (CSRF) in prefecthq/prefectEPSS 0.4%CVE-2021-4394MEDIUMLocations <= 3.2.1 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2023-7038MEDIUMautomad User Creation cross-site request forgeryEPSS 0.4%CVE-2023-33359MEDIUMPiwigo 13.6.0 is vulnerable to Cross Site Request Forgery (CSRF) in the "add tags" function.EPSS 0.4%CVE-2018-15612HIGHOrchestration Designer Runtime Config CSRFEPSS 0.4%CVE-2021-4423MEDIUMRAYS Grid <= 1.2.2 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2022-29450MEDIUMWordPress Admin Management Xtended plugin <= 2.4.4 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilitiesEPSS 0.4%CVE-2021-27704MEDIUMAppspace 6.2.4 is affected by Incorrect Access Control via the Appspace Web Portal password reset page.EPSS 0.4%CVE-2023-2631MEDIUMCSRF vulnerability and missing permission checks in Code Dx Plugin EPSS 0.4%CVE-2024-2820MEDIUMDedeCMS baidunews.php cross-site request forgeryEPSS 0.4%CVE-2019-5431—This vulnerability was caused by an incomplete fix to CVE-2017-0911. Twitter Kit for iOS versions 3.0 to 3.4.0 is vulnerable to a callback vEPSS 0.4%CVE-2020-36746MEDIUMMenu Swapper <= 1.1.0.2 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2023-26516HIGHWordPress Debug Assistant Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.4%CVE-2022-29439MEDIUMWordPress Image Slider by NextCode plugin <= 1.1.2 - Slider Deletion via Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.4%