Weaknesses of type CWE-352
5,692 resultsCVE-2022-29436MEDIUMWordPress Code Snippets Extended plugin <= 1.4.7 - Cross-Site Request Forgery (CSRF) vulnerability leading to Persistent Cross-Site Scripting (XSS)EPSS 0.4%CVE-2023-23847LOWA cross-site request forgery (CSRF) vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an atEPSS 0.4%CVE-2024-23785MEDIUMCross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allowEPSS 0.4%CVE-2023-28419MEDIUMWordPress Force First and Last Name as Display Name Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.4%CVE-2022-0638MEDIUMCross-Site Request Forgery (CSRF) in microweber/microweberEPSS 0.4%CVE-2023-3414MEDIUMCross-Site Request Forgery (CSRF) in Jenkins Plug-in for ServiceNow DevOpsEPSS 0.4%CVE-2024-2823MEDIUMDedeCMS mda_main.php cross-site request forgeryEPSS 0.4%CVE-2022-36373MEDIUMWordPress MP3 jPlayer plugin <= 2.7.3 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilitiesEPSS 0.4%CVE-2021-4384MEDIUMWordPress Photo Gallery – Image Gallery <= 1.0.6 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2023-22286HIGHCross-site request forgery (CSRF) vulnerability in MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG LiEPSS 0.4%CVE-2024-1727MEDIUMCSRF Vulnerability in gradio-app/gradioEPSS 0.4%CVE-2024-12349MEDIUMJFinalCMS save cross-site request forgeryEPSS 0.4%CVE-2024-22699HIGHFlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/update_group_save.EPSS 0.4%CVE-2024-4994HIGHCross-Site Request Forgery (CSRF) in GitLabEPSS 0.4%CVE-2024-38293CRITICALALCASAR before 3.6.1 allows CSRF and remote code execution in activity.php.EPSS 0.4%CVE-2023-7051MEDIUMPHPGurukul Online Notes Sharing System manage-notes.php cross-site request forgeryEPSS 0.4%CVE-2012-10017MEDIUMBestWebSoft Portfolio Plugin cross-site request forgeryEPSS 0.4%CVE-2024-55921HIGHCross-Site Request Forgery in Extension Manager Module in TYPO3EPSS 0.4%CVE-2023-51813MEDIUMCross Site Request Forgery (CSRF) vulnerability in Free Open-Source Inventory Management System v.1.0 allows a remote attacker to execute arEPSS 0.4%CVE-2020-23586MEDIUMA vulnerability found in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote EPSS 0.4%