Weaknesses of type CWE-352
5,677 resultsCVE-2018-0259—A vulnerability in the web-based management interface of Cisco MATE Collector could allow an unauthenticated, remote attacker to conduct a cEPSS 0.7%CVE-2018-1230—Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft EPSS 0.7%CVE-2019-5430—In UniFi Video 3.10.0 and prior, due to the lack of CSRF protection, it is possible to abuse the Web API to make changes on the server confiEPSS 0.7%CVE-2021-24249—Business Directory Plugin < 5.11.2 - Arbitrary Listing ExportEPSS 0.7%CVE-2022-40687MEDIUMWordPress Creative Mail plugin <= 1.5.4 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.7%CVE-2018-0451—Cisco Tetration Analytics Cross-Site Request Forgery VulnerabilityEPSS 0.7%CVE-2021-24809—BP Better Messages < 1.9.9.41 - Multiple CSRFEPSS 0.7%CVE-2021-34637HIGHPost Index <= 0.7.5 Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.7%CVE-2021-34628HIGHAdmin Custom Login <= 3.2.7 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.7%CVE-2021-34634HIGHNifty Newsletters <= 4.0.23 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.7%CVE-2017-12271—A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on aEPSS 0.7%CVE-2021-24218—Facebook for WordPress 3.0.0-3.0.3 - CSRF to Stored XSS and Settings DeletionEPSS 0.7%CVE-2020-11069HIGHCross-Site Request Forgery in TYPO3 CMSEPSS 0.7%CVE-2021-39353HIGHEasy Registration Forms <= 2.1.1 Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.7%CVE-2019-1764HIGHCisco IP Phone 8800 Series Cross-Site Request Forgery VulnerabilityEPSS 0.7%CVE-2024-31988CRITICALXWiki Platform CSRF remote code execution through the realtime HTML Converter APIEPSS 0.7%CVE-2021-41245MEDIUMPossible Cross-Site Request Forgery in Combodo iTopEPSS 0.7%CVE-2020-8168—We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AiEPSS 0.7%CVE-2021-24491—Fileviewer <= 2.2 - Arbitrary File Upload/Deletion via CSRFEPSS 0.7%CVE-2024-22939HIGHCross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute arbitrary code via the system/article/category_EPSS 0.7%