Weaknesses of type CWE-352
5,690 resultsCVE-2022-46862MEDIUMWordPress Quiz And Survey Master Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.4%CVE-2019-25064MEDIUMCoreHR Core Portal cross-site request forgeryEPSS 0.4%CVE-2020-36736MEDIUMWooCommerce Checkout & Funnel Builder by CartFlows – Create High Converting Stores For WooCommerce <= 1.5.15 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2021-32929MEDIUMUffizio GPS Tracker Cross-site Request ForgeryEPSS 0.4%CVE-2020-36737MEDIUMImport / Export Customizer Settings <= 1.0.3 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2021-21395MEDIUMMagneto-lts vulnerable to Cross-Site Request ForgeryEPSS 0.4%CVE-2025-31205MEDIUMThe issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, vEPSS 0.4%CVE-2022-39268HIGHorchest vulnerable to cross-site request forgery that allows control of a user instanceEPSS 0.4%CVE-2014-125028MEDIUMvaltech IDP Test Client main.py cross-site request forgeryEPSS 0.4%CVE-2021-25097—LabTools <= 1.0 - Subscriber+ Arbitrary Publication DeletionEPSS 0.4%CVE-2021-4162MEDIUMCross-Site Request Forgery (CSRF) in archivy/archivyEPSS 0.4%CVE-2021-24615—Wechat Reward <= 1.7 - CSRF to Stored Cross-Site ScriptingEPSS 0.4%CVE-2021-3963MEDIUMCross-Site Request Forgery (CSRF) in kevinpapst/kimai2EPSS 0.4%CVE-2024-10605MEDIUMcode-projects Blood Bank Management System request.php cross-site request forgeryEPSS 0.4%CVE-2021-4092MEDIUMCross-Site Request Forgery (CSRF) in yetiforcecompany/yetiforcecrmEPSS 0.4%CVE-2024-3238HIGHWordPress Menu Plugin — Superfly Responsive Menu <= 5.0.29 - Cross-Site Request Forgery to Arbitrary File DeletionEPSS 0.4%CVE-2022-2839—Zephyr Project Manager < 3.2.55 - Unauthorised AJAX Calls To Stored XSSEPSS 0.4%CVE-2024-34958MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=addEPSS 0.4%CVE-2022-41249HIGHA cross-site request forgery (CSRF) vulnerability in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers to connect to an attackeEPSS 0.4%CVE-2023-32344MEDIUMIBM Cognos Analytics cross-site request forgeryEPSS 0.4%