Weaknesses of type CWE-352
5,695 resultsCVE-2025-1644MEDIUMBenner ModernaNet SG_Gravar cross-site request forgeryEPSS 0.3%CVE-2024-22592HIGHFlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_updateEPSS 0.3%CVE-2024-22593HIGHFlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/add_group_saveEPSS 0.3%CVE-2021-24446—Remove Footer Credit < 1.0.6 - CSRF to Stored Cross-Site ScriptingEPSS 0.3%CVE-2023-1033MEDIUMCross-Site Request Forgery (CSRF) in froxlor/froxlorEPSS 0.3%CVE-2023-43275HIGHCross-Site Request Forgery (CSRF) vulnerability in DedeCMS v5.7 in 110 backend management interface via /catalog_add.php, allows attackers tEPSS 0.3%CVE-2024-28684HIGHDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/module_main.phpEPSS 0.3%CVE-2022-36095MEDIUMXWiki Cross-Site Request Forgery (CSRF) for actions on tagsEPSS 0.3%CVE-2023-47650MEDIUMWordPress Add Local Avatar Plugin <= 12.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-2087MEDIUMEssential Blocks <= 4.0.6 - Cross-Site Request Forgery via saveEPSS 0.3%CVE-2024-51487MEDIUMInsufficient Validation in Catalog (Activation/Deactivation) in AmpacheEPSS 0.3%CVE-2024-51485MEDIUMInsufficient Validation in Plugins (Activation/Deactivation) in AmpacheEPSS 0.3%CVE-2024-23902MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Branch Source Plugin 684.vea_fa_7c1e2fe3 and earlier allows attackers toEPSS 0.3%CVE-2024-51484MEDIUMInsufficient Validation in Controllers (Activation/Deactivation) in AmpacheEPSS 0.3%CVE-2024-28665HIGHDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_add.phpEPSS 0.3%CVE-2023-32587MEDIUMWordPress WP Reactions Lite Plugin <= 1.3.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-0730MEDIUMWicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_save_folder_orderEPSS 0.3%CVE-2023-0727MEDIUMWicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_delete_folderEPSS 0.3%CVE-2023-0723MEDIUMWicked Folders <= 2.18.16 - Cross-Site Request Forgery on ajax_move_objectEPSS 0.3%CVE-2024-31268MEDIUMWordPress AppPresser plugin <= 4.3.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%