Weaknesses of type CWE-352

5,703 results
CVE-2023-25994MEDIUMWordPress Publish to Schedule Plugin <= 4.4.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-27461MEDIUMWordPress When Last Login Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-34182MEDIUMWordPress LH Password Changer Plugin <= 1.55 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2025-8711MEDIUMCSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and IvaEPSS 0.3%CVE-2023-34178MEDIUMWordPress Groundhogg Plugin <= 2.7.11 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-5382MEDIUMFunnelforms Free <= 3.4 - Cross-Site Request Forgery to Arbitrary Post DeletionEPSS 0.3%CVE-2024-1889HIGHCross-Site Request Forgery vulnerability in SMA Cluster ControllerEPSS 0.3%CVE-2023-48284MEDIUMWordPress Decorator – WooCommerce Email Customizer Plugin <= 1.2.7 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2022-4766MEDIUMdolibarr_project_timesheet Form cross-site request forgeryEPSS 0.3%CVE-2016-3098Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth autorizEPSS 0.3%CVE-2023-0870HIGHForm Can Be Manipulated with Cross-Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-27783HIGHMultiple cross-site request forgery (CSRF) weaknesses [CWE-352] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an unauthenticated remoEPSS 0.3%CVE-2022-40179A vulnerability has been identified in Desigo PXM30-1 (All versions < V02.20.126.11-41), Desigo PXM30.E (All versions < V02.20.126.11-41), DEPSS 0.3%CVE-2022-1956Shortcut Macros <= 1.3 - Subscriber+ Arbitrary Settings UpdateEPSS 0.3%CVE-2023-47781HIGHWordPress Thrive Theme Builder Theme < 3.24.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-11415HIGHWP-Orphanage Extended <= 1.2 - Cross-Site Request Forgery to Orphan Account Privilege EscalationEPSS 0.3%CVE-2023-0737MEDIUMCSRF in wallabag/wallabagEPSS 0.3%CVE-2024-46362HIGHFrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_directoryEPSS 0.3%CVE-2021-24912Transposh WordPress Translation < 1.0.8 - CSRF to Stored XSSEPSS 0.3%CVE-2023-28694MEDIUMWordPress Wbcom Designs – BuddyPress Activity Social Share Plugin <= 3.5.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%