Weaknesses of type CWE-352

5,703 results
CVE-2022-3233MEDIUMCross-Site Request Forgery (CSRF) in ikus060/rdiffwebEPSS 0.3%CVE-2022-2382Product Slider for WooCommerce < 2.5.7 - Subscriber+ Arbitrary Options DeletionEPSS 0.3%CVE-2022-2389Automations By Autonami < 2.1.2 - Subscriber+ Automation CreationEPSS 0.3%CVE-2023-0685MEDIUMWicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_unassign_foldersEPSS 0.3%CVE-2023-0724MEDIUMWicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_add_folderEPSS 0.3%CVE-2025-47533HIGHWordPress Graphina plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) to Local File Inclusion vulnerabilityEPSS 0.3%CVE-2023-1340MEDIUMRapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'clear_uucss_logs'EPSS 0.3%CVE-2024-12646HIGHChunghwa Telecom topm-client - Arbitrary File DeleteEPSS 0.3%CVE-2023-1341MEDIUMRapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'ajax_deactivate'EPSS 0.3%CVE-2021-24822Stylish Cost Calculator < 7.04 - Subscriber+ Unauthorised AJAX Calls to Stored XSSEPSS 0.3%CVE-2023-1342MEDIUMRapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'ucss_connect'EPSS 0.3%CVE-2023-1343MEDIUMRapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'attach_rule'EPSS 0.3%CVE-2024-2559MEDIUMTenda AC18 SysToolReboot fromSysToolReboot cross-site request forgeryEPSS 0.3%CVE-2023-1344MEDIUMRapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'uucss_update_rule'EPSS 0.3%CVE-2023-1345MEDIUMRapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'queue_posts'EPSS 0.3%CVE-2023-5382MEDIUMFunnelforms Free <= 3.4 - Cross-Site Request Forgery to Arbitrary Post DeletionEPSS 0.3%CVE-2025-8711MEDIUMCSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and IvaEPSS 0.3%CVE-2023-31086MEDIUMWordPress Simple Giveaways Plugin <= 2.46.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-25994MEDIUMWordPress Publish to Schedule Plugin <= 4.4.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-27444MEDIUMWordPress DecaLog Plugin <= 3.7.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%