Weaknesses of type CWE-352

5,698 results
CVE-2022-2172LinkWorth Plugin < 3.3.4 - Arbitrary Setting Update via CSRFEPSS 0.3%CVE-2024-22591HIGHFlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_save.EPSS 0.3%CVE-2018-17451HIGHAn issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is CEPSS 0.3%CVE-2022-46062MEDIUMGym Management System v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).EPSS 0.3%CVE-2023-3201MEDIUMMStore API <= 3.9.6 - Cross-Site Request Forgery to Order Title UpdateEPSS 0.3%CVE-2023-3198MEDIUMMStore API <= 3.9.6 - Cross-Site Request Forgery to Order Status UpdateEPSS 0.3%CVE-2024-9847HIGHCross-Site Request Forgery (CSRF) in flatpressblog/flatpressEPSS 0.3%CVE-2023-1028MEDIUMWP Meta SEO <= 4.5.3 - Cross-Site Request Forgery via 'setIgnore'EPSS 0.3%CVE-2023-3075HIGHCross-Site Request Forgery (CSRF) in tsolucio/corebosEPSS 0.3%CVE-2023-3200MEDIUMMStore API <= 3.9.6 - Cross-Site Request Forgery to Order Message UpdateEPSS 0.3%CVE-2024-27689HIGHStupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via /update-article.php.EPSS 0.3%CVE-2024-28675HIGHDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/diy_edit.phpEPSS 0.3%CVE-2023-35041HIGHWordPress Webpushr Plugin <= 4.34.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2021-33396MEDIUMCross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitEPSS 0.3%CVE-2023-3203MEDIUMMStore API <= 3.9.6 - Cross-Site Request Forgery to Product Limit UpdateEPSS 0.3%CVE-2023-32602MEDIUMWordPress CALL ME NOW Plugin <= 3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-32125MEDIUMWordPress Multi Rating Plugin <= 5.0.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2021-47976HIGHTextPattern CMS 4.9.0-dev Authenticated Remote Code Execution via Plugin UploadEPSS 0.3%CVE-2024-40488HIGHA Cross-Site Request Forgery (CSRF) vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker triEPSS 0.3%CVE-2023-1346MEDIUMRapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'clear_page_cache'EPSS 0.3%