Weaknesses of type CWE-352
5,711 resultsCVE-2024-47828MEDIUMCross-Site Request Forgery in ampacheEPSS 0.3%CVE-2023-4923MEDIUMBEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product DeletionEPSS 0.3%CVE-2023-26840MEDIUMA cross-site request forgery (CSRF) vulnerability in ChurchCRM v4.5.3 allows attackers to set a person to a user and set that user to be an EPSS 0.3%CVE-2023-48768MEDIUMWordPress Quantity Plus Minus Button for WooCommerce by CodeAstrology Plugin <= 1.1.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2025-39601CRITICALWordPress Custom CSS, JS & PHP plugin <= 2.4.1 - CSRF to RCE vulnerabilityEPSS 0.3%CVE-2023-47651MEDIUMWordPress WP Links Page Plugin <= 4.9.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-49153MEDIUMWordPress Add to Cart Text Changer and Customize Button, Add Custom Icon Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-5343HIGHPhoto Gallery, Images, Slider in Rbs Image Gallery <= 3.2.19 - Cross-Site Request Forgery to Post Creation and Limited Data LossEPSS 0.3%CVE-2022-38085MEDIUMWordPress Read more By Adam plugin <= 1.1.8 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2023-52222MEDIUMWordPress WooCommerce Plugin <= 8.2.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-52074HIGHFlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component system/site/webconfig_updagte.EPSS 0.3%CVE-2023-47551MEDIUMWordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-4940MEDIUMBEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product ManipulationEPSS 0.3%CVE-2023-52072HIGHFlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/userconfig_updagte.EPSS 0.3%CVE-2023-47685MEDIUMWordPress Preloader Matrix Plugin <= 2.0.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-50835MEDIUMWordPress Advanced Category Template Plugin <= 0.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-52073HIGHFlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/config_footer_updagte.EPSS 0.3%CVE-2025-41254MEDIUMSpring Framework STOMP CSRF VulnerabilityEPSS 0.3%CVE-2022-2387MEDIUMEasy Digital Downloads < 3.0 - Arbitrary Post Deletion via CSRFEPSS 0.3%CVE-2023-47243MEDIUMWordPress MSHOP MY SITE Plugin <= 1.1.6 is vulnerable to Broken Access ControlEPSS 0.3%