Weaknesses of type CWE-352
5,698 resultsCVE-2023-1346MEDIUMRapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'clear_page_cache'EPSS 0.3%CVE-2022-36389MEDIUMWordPress Better Messages plugin <= 1.9.9.148 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2018-25096MEDIUMMdAlAmin-aol Own Health Record logout.php cross-site request forgeryEPSS 0.3%CVE-2025-27298HIGHWordPress WP Video Posts plugin <= 3.5.1 - CSRF to Remote Code Execution (RCE) vulnerabilityEPSS 0.3%CVE-2023-31093MEDIUMWordPress Chronosly Events Calendar Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-29440MEDIUMWordPress Simple Job Board Plugin <= 2.10.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2021-47976HIGHTextPattern CMS 4.9.0-dev Authenticated Remote Code Execution via Plugin UploadEPSS 0.3%CVE-2023-32602MEDIUMWordPress CALL ME NOW Plugin <= 3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-22852MEDIUMTiki through 25.0 allows CSRF attacks that are related to tiki-importer.php and tiki-import_sheet.php.EPSS 0.3%CVE-2022-34448HIGH
PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Cross-site Request Forgery vulnerability. An unauthenticatedEPSS 0.3%CVE-2023-0728MEDIUMWicked Folders <= 2.18.16 - Cross-Site Request Forgery on ajax_save_folderEPSS 0.3%CVE-2024-34007HIGHmoodle: logout CSRF in admin/tool/mfa/auth.phpEPSS 0.3%CVE-2024-8520MEDIUMUltimate Member <= 2.8.6 - Cross-Site Request Forgery to Membership Status ChangeEPSS 0.3%CVE-2023-20180MEDIUMA vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site requestEPSS 0.3%CVE-2023-25975MEDIUMWordPress Etsy Shop Plugin <= 3.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-12643HIGHChunghwa Telecom tbm-client - Arbitrary File DeleteEPSS 0.3%CVE-2024-12293HIGHUser Role Editor <= 4.64.3 - Cross-Site Request Forgery to Privilege EscalationEPSS 0.3%CVE-2023-45128CRITICALCSRF Token Reuse Vulnerability in fiberEPSS 0.3%CVE-2023-5975MEDIUMImageMapper <= 1.2.6 - Cross-Site Request Forgery to Plugin Settings Change via ajaxEPSS 0.3%CVE-2024-20437HIGHA vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a EPSS 0.3%