Weaknesses of type CWE-352
5,690 resultsCVE-2021-4333MEDIUMWP Statistics <= 13.1.1 - Cross-Site Request Forgery to Arbitrary Plugin Activation and DeactivationEPSS 0.4%CVE-2021-24618—Donate With QRCode < 1.4.5 - Stored Cross-Site ScriptingEPSS 0.4%CVE-2022-27851MEDIUMWordPress Use Any Font plugin <= 6.1.7 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.4%CVE-2025-9747MEDIUMKoillection csrf_protection_controller.js cross-site request forgeryEPSS 0.4%CVE-2022-27850MEDIUMWordPress Simple Ajax Chat plugin <= 20220115 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.4%CVE-2023-0403MEDIUMSocial Warfare <= 4.3.1 - Cross-Site Request ForgeryEPSS 0.4%CVE-2023-4869MEDIUMSourceCodester Contact Manager App update.php cross-site request forgeryEPSS 0.4%CVE-2023-5961HIGHioLogik E1200 Series: Cross-Site Request Forgery (CSRF) VulnerabilityEPSS 0.4%CVE-2025-24900HIGHConcorde CSRF vulnerability due to insecure configuration of authentication cookie attributesEPSS 0.4%CVE-2024-5097MEDIUMSourceCodester Simple Inventory System tableedit.php#page=editprice cross-site request forgeryEPSS 0.4%CVE-2025-59949MEDIUMFreshRSS has Logout CSRF that Leads to DoS via <track src>EPSS 0.4%CVE-2022-29414MEDIUMWordPress Subscribe To Comments Reloaded plugin <= 211130 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilitiesEPSS 0.4%CVE-2023-47664MEDIUMWordPress Plainview Protect Passwords Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.4%CVE-2024-2316MEDIUMBdtask Hospital AutoManager Update Bill Page cross-site request forgeryEPSS 0.4%CVE-2024-2134MEDIUMBdtask Hospita AutoManager Investigation Report cross-site request forgeryEPSS 0.4%CVE-2026-8174MEDIUMCross-site Request ForgeryEPSS 0.4%CVE-2021-3957MEDIUMCross-Site Request Forgery (CSRF) in kevinpapst/kimai2EPSS 0.4%CVE-2024-28673HIGHDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/mychannel_edit.php.EPSS 0.4%CVE-2022-3017MEDIUMCross-Site Request Forgery (CSRF) in froxlor/froxlorEPSS 0.4%CVE-2024-57373HIGHCross Site Request Forgery (CSRF) vulnerability in LifestyleStore v1.0 allows a remote attacker to execute unauthorized actions on behalf ofEPSS 0.4%