Weaknesses of type CWE-352
5,695 resultsCVE-2024-31268MEDIUMWordPress AppPresser plugin <= 4.3.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2024-2911MEDIUMTianjin PubliCMS cross-site request forgeryEPSS 0.3%CVE-2023-0723MEDIUMWicked Folders <= 2.18.16 - Cross-Site Request Forgery on ajax_move_objectEPSS 0.3%CVE-2024-0768MEDIUMEnvo's Elementor Templates & Widgets for WooCommerce <= 1.4.4 - Cross-Site Request Forgery via ajax_theme_activationEPSS 0.3%CVE-2024-31363MEDIUMWordPress LifterLMS plugin <= 7.5.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2023-28696MEDIUMWordPress I Recommend This Plugin <= 3.9.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2021-22701MEDIUMA CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000EPSS 0.3%CVE-2022-4941MEDIUMWCFM Membership <= 2.9.10 - Cross-Site Request ForgeryEPSS 0.3%CVE-2024-22818HIGHFlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerbility via /system/site/filterKeyword_saveEPSS 0.3%CVE-2024-22817HIGHFlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_conf_updagteEPSS 0.3%CVE-2024-22819HIGHFlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_templets_update.EPSS 0.3%CVE-2023-3179—POST SMTP Mailer < 2.5.7 - Account Takeover via CSRFEPSS 0.3%CVE-2024-34001HIGHmoodle: CSRF risk in admin preset tool management of presetsEPSS 0.3%CVE-2023-49855MEDIUMWordPress BC Menu Bar Cart Icon For WooCommerce By Binary Carpenter Plugin <= 1.49.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-2505HIGH
The affected products have a CSRF vulnerability that could allow an attacker to execute code and upload malicious files.
EPSS 0.3%CVE-2022-4604MEDIUMwp-english-wp-admin Plugin english-wp-admin.php register_endpoints cross-site request forgeryEPSS 0.3%CVE-2023-2528MEDIUMContact Form by Supsystic <= 1.7.24 - Cross-Site Request Forgery via AJAX actionEPSS 0.3%CVE-2023-0385MEDIUMCustom 404 Pro <= 3.7.1 - Cross-Site Request ForgeryEPSS 0.3%CVE-2023-27634HIGHWordPress Intrepidity Theme <= 1.5.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-7161MEDIUMSeaCMS Password Change cross-site request forgeryEPSS 0.3%