Weaknesses of type CWE-352

5,711 results
CVE-2024-42582HIGHA Cross-Site Request Forgery (CSRF) in the component delete_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate prEPSS 0.3%CVE-2024-42583HIGHA Cross-Site Request Forgery (CSRF) in the component delete_user.php of Warehouse Inventory System v2.0 allows attackers to escalate privileEPSS 0.3%CVE-2024-42584HIGHA Cross-Site Request Forgery (CSRF) in the component delete_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privEPSS 0.3%CVE-2025-3257MEDIUMxujiangfei admintwo updateSet cross-site request forgeryEPSS 0.3%CVE-2024-42579HIGHA Cross-Site Request Forgery (CSRF) in the component add_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privilegeEPSS 0.3%CVE-2023-53688MEDIUMNagios XI < 5.11.3 XSS & CSRF via Hypermap ReplayEPSS 0.3%CVE-2020-37149MEDIUMEdimax Technology EW-7438RPn-v3 Mini 1.27 - Cross-Site Request Forgery (CSRF) to Command ExecutionEPSS 0.3%CVE-2024-35552HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=del&dataType=logoEPSS 0.3%CVE-2025-5521MEDIUMWuKongOpenSource WukongCRM updataPassword cross-site request forgeryEPSS 0.3%CVE-2024-7492HIGHMainWP Child Reports <= 2.2 - Cross-Site Request Forgery to Arbitrary Options UpdateEPSS 0.3%CVE-2024-35558HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=rev&nohrefStr=close.EPSS 0.3%CVE-2022-36288MEDIUMWordPress Download Manager plugin <= 3.2.48 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilitiesEPSS 0.3%CVE-2025-1084MEDIUMMindskip xzs-mysql 学之思开源考试系统 cross-site request forgeryEPSS 0.3%CVE-2024-56311HIGHREDCap through 14.9.6 has a security flaw in the Notes section of calendar events, exposing users to a Cross-Site Request Forgery (CSRF) attEPSS 0.3%CVE-2024-36670HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=delEPSS 0.3%CVE-2022-40291HIGHCross-site request forgery (CSRF) in PHP Point of Sale version 19.0, by PHP Point of Sale, LLCEPSS 0.3%CVE-2023-2067MEDIUMAnnouncement & Notification Banner – Bulletin <= 3.7.0 - Cross-Site Request ForgeryEPSS 0.3%CVE-2023-47651MEDIUMWordPress WP Links Page Plugin <= 4.9.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-47828MEDIUMCross-Site Request Forgery in ampacheEPSS 0.3%CVE-2023-4926MEDIUMBEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product DeletionEPSS 0.3%