Weaknesses of type CWE-352
5,711 resultsCVE-2022-1818—Multi-page Toolkit <= 2.6 - Arbitrary Settings Update to Stored XSS via CSRFEPSS 0.3%CVE-2022-1780—LaTeX for WordPress <= 3.4.10 - Arbitrary Settings Update via CSRF to Stored XSSEPSS 0.3%CVE-2023-5776MEDIUMPost Meta Data Manager <= 1.2.1 - Cross-Site Request Forgery to Post, Term, and User Meta DeletionEPSS 0.3%CVE-2022-1781—postTabs <= 2.10.6 - Arbitrary Settings Update via CSRF to Stored XSSEPSS 0.3%CVE-2022-1787—Sideblog <= 6.0 - Arbitrary Settings Update via CSRF to Stored XSSEPSS 0.3%CVE-2022-2275—WP Edit Menu <= 1.5.0 - Arbitrary Post Deletion via CSRFEPSS 0.3%CVE-2024-35475MEDIUMA Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Community Edition on or before version 6.3.12. The vulnerability EPSS 0.3%CVE-2022-36312—Airspan AirVelocity 1500 software version 15.18.00.2511 lacks CSRF protections in the eNodeB's web management UI. This issue may affect otheEPSS 0.3%CVE-2022-22686MEDIUMCross-Site Request Forgery (CSRF) vulnerability in webapi component in Synology Calendar before 2.3.4-0631 allows remote authenticated usersEPSS 0.3%CVE-2023-42027MEDIUMIBM CICS TX cross-site request forgeryEPSS 0.3%CVE-2022-34654MEDIUMWordPress Manage Notification E-mails Plugin <= 1.8.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-35917MEDIUMWordPress WooCommerce PayPal Payments Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-9282MEDIUMbg5sbk MiniCMS page-edit.php cross-site request forgeryEPSS 0.3%CVE-2024-42576HIGHA Cross-Site Request Forgery (CSRF) in the component edit_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privEPSS 0.3%CVE-2024-42584HIGHA Cross-Site Request Forgery (CSRF) in the component delete_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privEPSS 0.3%CVE-2024-42582HIGHA Cross-Site Request Forgery (CSRF) in the component delete_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate prEPSS 0.3%CVE-2024-42577HIGHA Cross-Site Request Forgery (CSRF) in the component add_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileEPSS 0.3%CVE-2023-6676HIGHCross Site Request Forgery in National Keep's CyberMathEPSS 0.3%CVE-2024-42581CRITICALA Cross-Site Request Forgery (CSRF) in the component delete_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privilEPSS 0.3%CVE-2023-4942MEDIUMBEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product ManipulationEPSS 0.3%