Weaknesses of type CWE-352
5,711 resultsCVE-2023-1089MEDIUMCoupon Zen < 1.0.6 - Arbitrary Plugin Activation via CSRFEPSS 0.3%CVE-2022-4386—Intuitive Custom Post Order < 3.1.4 - Arbitrary Menu Order Update via CSRFEPSS 0.3%CVE-2024-1415MEDIUMResponsive Contact Form Builder & Lead Generation Plugin <= 1.8.9 - Cross-Site Request ForgeryEPSS 0.3%CVE-2020-14506LOWPhilips Clinical Collaboration Platform Cross-site Request ForgeryEPSS 0.3%CVE-2024-0428HIGHIndex Now <= 2.6.3 - Cross-Site Request Forgery via reset_formEPSS 0.3%CVE-2024-51488MEDIUMInsufficient Validation in Delete Message in AmpacheEPSS 0.3%CVE-2024-20486MEDIUMCisco Identity Services Engine Cross-Site Request Forgery VulnerabilityEPSS 0.3%CVE-2024-13560MEDIUMSubscriptions & Memberships for PayPal <= 1.1.6 - Cross-Site Request Forgery to Arbitrary Post DeletionEPSS 0.3%CVE-2019-25254MEDIUMKYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery via User AdministrationEPSS 0.3%CVE-2024-9990HIGHCrypto <= 2.15 - Cross-Site Request Forgery to Authentication BypassEPSS 0.3%CVE-2022-2657—Multivendor Marketplace Solution for WooCommerce < 3.8.12 - Unauthorised AJAX CallsEPSS 0.3%CVE-2021-36861MEDIUMWordPress Rich Reviews by Starfish plugin <= 1.9.14 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2024-32091MEDIUMWordPress Sangar Slider plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2021-36854MEDIUMWordPress Booking Ultra Pro plugin <= 1.1.4 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilitiesEPSS 0.3%CVE-2025-12202MEDIUMajayrandhawa User-Management-PHP-MYSQL web cross-site request forgeryEPSS 0.3%CVE-2025-25928HIGHA Cross-Site Request Forgery (CSRF) in the component /admin/users/user.form of Openmrs 2.4.3 Build 0ff0ed allows attackers to execute arbitrEPSS 0.3%CVE-2023-27430MEDIUMWordPress Mass Delete Unused Tags Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2025-3843MEDIUMpanhainan DS-Java cross-site request forgeryEPSS 0.3%CVE-2023-31708MEDIUMA Cross-Site Request Forgery (CSRF) in EyouCMS v1.6.2 allows attackers to execute arbitrary commands via a supplying a crafted HTML file to EPSS 0.3%CVE-2023-5511MEDIUMCross-Site Request Forgery (CSRF) in snipe/snipe-itEPSS 0.3%