Weaknesses of type CWE-352
5,690 results

CVE | Severity | Description | EPSS
CVE-2024-28195 | HIGH | Cross-Site Request Forgery (CSRF) vulnerability in API and login in your_spotify | 0.4%
CVE-2024-2822 | MEDIUM | DedeCMS vote_edit.php cross-site request forgery | 0.4%
CVE-2024-11689 | HIGH | HQ Rental Software <= 1.5.29 - Cross-Site Request Forgery to Arbitrary Options Update | 0.4%
CVE-2024-45172 | MEDIUM | An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to missing protection mechanisms, the C-MOR web int | 0.4%
CVE-2022-41919 | MEDIUM | Fastify vulnerable to Cross-Site Request Forgery (CSRF) attack via incorrect content type | 0.4%
CVE-2023-0294 | HIGH | Mediamatic – Media Library Folders <= 2.8.1 - Cross-Site Request Forgery | 0.4%
CVE-2022-2555 | — | Yotpo Reviews for WooCommerce <= 2.0.4 - Arbitrary Settings Update via CSRF | 0.4%
CVE-2022-1957 | — | Comment License < 1.4.0 - Arbitrary Settings Update via CSRF | 0.4%
CVE-2023-7052 | MEDIUM | PHPGurukul Online Notes Sharing System profile.php cross-site request forgery | 0.4%
CVE-2023-0554 | HIGH | Quick Restaurant Menu <= 2.0.2 - Cross-Site Request Forgery | 0.4%
CVE-2022-2123 | — | WP Opt-in <= 1.4.1 - Arbitrary Settings Update via CSRF | 0.4%
CVE-2024-31386 | MEDIUM | Multiple WordPress themes affected by Cross-Site Request Forgery vulnerability | 0.4%
CVE-2022-2144 | — | Jquery Validation For Contact Form 7 < 5.3 - Arbitrary Options Update via CSRF | 0.4%
CVE-2023-32980 | MEDIUM | A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an a | 0.4%
CVE-2022-29435 | MEDIUM | WordPress Code Snippets Extended plugin <= 1.4.7 - Cross-Site Request Forgery (CSRF) vulnerability | 0.4%
CVE-2022-31000 | LOW | CSRF allows attacker to finalize/unfinalize order adjustments in solidus_backend | 0.4%
CVE-2024-11125 | MEDIUM | GetSimpleCMS profile.php cross-site request forgery | 0.4%
CVE-2020-22334 | MEDIUM | Cross Site Request Forgery (CSRF) vulnerability in beescms v4 allows attackers to delete the administrator account via crafted request to /a | 0.4%
CVE-2022-1625 | — | New User Approve < 2.4 - Arbitrary Settings Update & Invitation Code Creation via CSRF | 0.4%
CVE-2022-43323 | HIGH | EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Top Up Balance component under the Edit Member | 0.4%