Weaknesses of type CWE-352
5,694 resultsCVE-2022-3419MEDIUMAutomatic User Roles Switcher < 1.1.2 - Subscriber+ Privilege EscalationEPSS 0.3%CVE-2020-11919HIGHAn issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. There is no CSRF protection.EPSS 0.3%CVE-2022-1389LOWOn all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP (fixed in 17.0.0), a cross-site request forgery (CSRF) vuEPSS 0.3%CVE-2024-28431HIGHDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_del.php.EPSS 0.3%CVE-2022-42070HIGHOnline Birth Certificate Management System version 1.0 is vulnerable to Cross Site Request Forgery (CSRF).EPSS 0.3%CVE-2023-27495MEDIUMBypass of CSRF protection in the presence of predictable userInfo in @fastify/csrf-protectionEPSS 0.3%CVE-2023-32092MEDIUMWordPress Community by PeepSo Plugin <= 6.0.9.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2022-3232MEDIUMCross-Site Request Forgery (CSRF) in ikus060/rdiffwebEPSS 0.3%CVE-2024-11743MEDIUMSourceCodester Best House Rental Management System POST Request ajax.php cross-site request forgeryEPSS 0.3%CVE-2024-2277MEDIUMBdtask G-Prescription Gynaecology & OBS Consultation Software Password Reset change_password_save cross-site request forgeryEPSS 0.3%CVE-2023-32502MEDIUMWordPress Pro Mime Types Plugin <= 1.0.7 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2021-4398MEDIUMAmministrazione Trasparente <= 7.1 - Cross-Site Request Forgery BypassEPSS 0.3%CVE-2024-56903HIGHGeovision GV-ASWeb with the version 6.1.1.0 or less allows attackers to modify POST request method with the GET against critical functionaliEPSS 0.3%CVE-2021-4403MEDIUMRemove Schema <= 1.5 - Cross-Site Request Forgery BypassEPSS 0.3%CVE-2021-4396MEDIUMRucy <= 0.4.4 - Cross-Site Request Forgery BypassEPSS 0.3%CVE-2023-4659CRITICALCross-Site Request Forgery in Free5GcEPSS 0.3%CVE-2021-4405MEDIUMElasticPress <= 3.5.3 - Cross-Site Request Forgery BypassEPSS 0.3%CVE-2023-1937MEDIUMzhenfeng13 My-Blog userInfo cross-site request forgeryEPSS 0.3%CVE-2021-4400MEDIUMBetter Search <= 2.5.2 - Cross-Site Request Forgery BypassEPSS 0.3%CVE-2024-35108HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/homePro_deal.php?mudi=del&dataType=&dataEPSS 0.3%