Weaknesses of type CWE-352
5,695 resultsCVE-2022-2449MEDIUMreSmush.it Image Optimizer < 0.4.7 - Multiple CSRFEPSS 0.3%CVE-2022-45673MEDIUMTenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.EPSS 0.3%CVE-2022-45127HIGHCVE-2022-45127EPSS 0.3%CVE-2024-48418HIGHIn Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does not properly handle special characters in anyEPSS 0.3%CVE-2022-42077MEDIUMTenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.EPSS 0.3%CVE-2022-42086MEDIUMTenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function TendaAteMode.EPSS 0.3%CVE-2022-45667MEDIUMTenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.EPSS 0.3%CVE-2022-42087MEDIUMTenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.EPSS 0.3%CVE-2025-47410HIGHApache Geode: CSRF attacks through GET requests to the Management and Monitoring REST API that can execute gfsh commands on the target systemEPSS 0.3%CVE-2022-45668MEDIUMTenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.EPSS 0.3%CVE-2021-36852MEDIUMWordPress WP Hotel Booking plugin <= 1.10.5 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2022-45674MEDIUMTenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot.EPSS 0.3%CVE-2022-42078MEDIUMTenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet.EPSS 0.3%CVE-2022-47395HIGHCVE-2022-47395EPSS 0.3%CVE-2020-21366HIGHCross Site Request Forgery vulnerability in GreenCMS v.2.3 allows an attacker to gain privileges via the adduser function of index.php.EPSS 0.3%CVE-2025-1644MEDIUMBenner ModernaNet SG_Gravar cross-site request forgeryEPSS 0.3%CVE-2023-5448HIGHWP Register Profile With Shortcode <= 3.5.9 - Cross-Site Request Forgery to User Password ResetEPSS 0.3%CVE-2024-22592HIGHFlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_updateEPSS 0.3%CVE-2023-27632MEDIUMWordPress Daily Prayer Time Plugin <= 2023.03.08 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2021-24446—Remove Footer Credit < 1.0.6 - CSRF to Stored Cross-Site ScriptingEPSS 0.3%