Weaknesses of type CWE-352

5,711 results
CVE-2022-47448MEDIUMWordPress xili-tidy-tags Plugin <= 1.12.03 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-23646MEDIUMWordPress Album Gallery – WordPress Gallery Plugin <= 1.4.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-25468MEDIUMWordPress Reservation.Studio widget Plugin <= 1.0.11 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-2307MEDIUMCross-Site Request Forgery (CSRF) in builderio/qwikEPSS 0.3%CVE-2022-47427MEDIUMWordPress My Calendar Plugin <= 3.3.24.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-29019HIGHESPHome vulnerable to Authentication bypass via Cross site request forgeryEPSS 0.3%CVE-2023-48328MEDIUMWordPress NextGEN Gallery Plugin <= 3.37 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-54355MEDIUMWordPress WP Mailster plugin <= 1.8.17.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2024-1760MEDIUMAppointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.6.20 - Cross-Site Request Forgery to Plugin Data ResetEPSS 0.3%CVE-2024-12322HIGHThePerfectWedding.nl Widget <= 2.8 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-12189MEDIUMBread & Butter: Gate content + Capture leads + Collect first-party data + Nurture with Ai agents <= 7.11.1374 - Cross-Site Request Forgery to Arbitrary File UploadEPSS 0.3%CVE-2025-27792HIGHOpal vulnerable to CSRF protection bypassEPSS 0.3%CVE-2025-22963HIGHTeedy through 1.11 allows CSRF for account takeover via POST /api/user/admin.EPSS 0.3%CVE-2022-3151MEDIUMWP Custom Cursors < 3.0.1 - Arbitrary Cursor Deletion via CSRFEPSS 0.3%CVE-2023-4277HIGHRealia <= 1.4.0 - Cross-Site Request Forgery to User Email ChangeEPSS 0.3%CVE-2022-3126MEDIUMFrontend File Manager < 21.4 - File Upload via CSRFEPSS 0.3%CVE-2023-3011MEDIUMARMember <= 4.0.5 - Cross-Site Request ForgeryEPSS 0.3%CVE-2023-1089MEDIUMCoupon Zen < 1.0.6 - Arbitrary Plugin Activation via CSRFEPSS 0.3%CVE-2022-4386Intuitive Custom Post Order < 3.1.4 - Arbitrary Menu Order Update via CSRFEPSS 0.3%CVE-2022-3098MEDIUMLogin Block IPs <= 1.0.0 - Arbitrary Setting Update via CSRFEPSS 0.3%