Weaknesses of type CWE-352
5,703 resultsCVE-2023-2717MEDIUMGroundhogg <= 2.7.9.8 - Cross-Site Request Forgery to Disable All PluginsEPSS 0.3%CVE-2023-30478MEDIUMWordPress Newsletters Plugin <= 4.8.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-0830MEDIUMComments Extra Fields For Post,Pages and CPT <= 5.0 - Cross-Site Request ForgeryEPSS 0.3%CVE-2023-32744MEDIUMWordPress WooCommerce Product Recommendations Plugin < 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2022-33201MEDIUMWordPress MailerLite – Signup forms (official) plugin <= 1.5.7 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2023-32794MEDIUMWordPress WooCommerce Product Add-ons Plugin <= 6.1.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-34025MEDIUMWordPress LWS Hide Login Plugin <= 2.1.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-27445MEDIUMWordPress Blog Floating Button Plugin <= 1.4.12 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2021-29334HIGHAn issue was discovered in JIZHI CMS 1.9.4. There is a CSRF vulnerability that can add an admin account via index, /admin.php/Admin/adminaddEPSS 0.3%CVE-2023-3627HIGHCross-Site Request Forgery (CSRF) in salesagility/suitecrm-coreEPSS 0.3%CVE-2023-1870MEDIUMYourChannel <= 1.2.4 - Cross-Site Request Forgery to Plugin Language Translation UpdateEPSS 0.3%CVE-2023-1867MEDIUMYourChannel <= 1.2.4 - Cross-Site Request Forgery to Plugin Settings ChangeEPSS 0.3%CVE-2023-47578HIGHRelyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF EPSS 0.3%CVE-2022-2375—WP Sticky Button < 1.4.1 - Unauthenticated Arbitrary Settings Update to Stored XSSEPSS 0.3%CVE-2024-45538CRITICALCross-Site Request Forgery (CSRF) vulnerability in WebAPI Framework in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-728EPSS 0.3%CVE-2024-35009HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=&fEPSS 0.3%CVE-2023-26531MEDIUMWordPress 多合一搜索自动推送管理插件-支持Baidu/Google/Bing/IndexNow/Yandex/头条 Plugin <= 4.2.7 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-28167MEDIUMWordPress CF7 Invisible reCAPTCHA Plugin <= 1.3.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2022-38137MEDIUMWordPress Analytify plugin <= 4.2.2 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2023-27436MEDIUMWordPress Elegant Custom Fonts Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%