Weaknesses of type CWE-352

5,711 results
CVE-2022-2387MEDIUMEasy Digital Downloads < 3.0 - Arbitrary Post Deletion via CSRFEPSS 0.3%CVE-2023-51949HIGHVerydows v2.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /protected/controller/backend/role_controllerEPSS 0.3%CVE-2023-52072HIGHFlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/site/userconfig_updagte.EPSS 0.3%CVE-2017-20221MEDIUMTelesquare SKT LTE Router SDT-CS3B1 CSRF System Command ExecutionEPSS 0.3%CVE-2023-49164MEDIUMWordPress Ocean Extra Plugin <= 2.2.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-47553MEDIUMWordPress UserHeat Plugin Plugin <= 1.1.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2025-41254MEDIUMSpring Framework STOMP CSRF VulnerabilityEPSS 0.3%CVE-2025-12821HIGHNewsBlogger <= 0.2.5.6 - 0.2.6.1 - Cross-Site Request Forgery to Arbitrary Plugin InstallationEPSS 0.3%CVE-2023-5036HIGHCross-Site Request Forgery (CSRF) in usememos/memosEPSS 0.3%CVE-2022-38454MEDIUMWordPress Kraken.io Image Optimizer plugin <= 2.6.5 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2023-2079HIGHBuy Me a Coffee – Button and Widget Plugin <= 3.7 - Cross-Site Request ForgeryEPSS 0.3%CVE-2024-0592MEDIUMRelated Posts for WordPress <= 2.2.1 - Cross-Site Request ForgeryEPSS 0.3%CVE-2022-38086MEDIUMWordPress Shortcodes Ultimate plugin <= 5.12.0 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2022-4552MEDIUMFL3R FeelBox <= 8.1 - Settings Update via CSRF to Stored XSSEPSS 0.3%CVE-2025-24398HIGHJenkins Bitbucket Server Integration Plugin 2.1.0 through 4.1.3 (both inclusive) allows attackers to craft URLs that would bypass the CSRF pEPSS 0.3%CVE-2022-45068MEDIUMWordPress Mercado Pago payments for WooCommerce Plugin <= 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2022-25952MEDIUMWordPress Content Egg plugin <= 5.4.0 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2022-2071Name Directory < 1.25.4 - Stored Cross-Site Scripting via CSRFEPSS 0.3%CVE-2022-1591WordPress Ping Optimizer < 2.35.1.3.0 - Arbitrary Settings Update via CSRFEPSS 0.3%CVE-2023-44385HIGHClient-Side Request Forgery in Home Assistant iOS/macOS native AppsEPSS 0.3%