Weaknesses of type CWE-352

5,712 results
CVE-2023-51369MEDIUMWordPress Customize My Account for WooCommerce plugin <= 1.8.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2025-5132MEDIUMTmall Demo logout cross-site request forgeryEPSS 0.3%CVE-2023-23992MEDIUMWordPress AutomatorWP Plugin <= 2.5.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-22140HIGHWordPress Profile Builder Pro Plugin <= 3.10.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-4161MEDIUMWooCommerce PDF Invoice Builder <= 1.2.90 - Cross-Site Request Forgery to Custom Field CreationEPSS 0.3%CVE-2022-46367MEDIUMRumpus - FTP server Cross-site request forgery (CSRF) – Privilege escalationEPSS 0.3%CVE-2025-5732MEDIUMcode-projects Traffic Offense Reporting System cross-site request forgeryEPSS 0.3%CVE-2023-34005MEDIUMWordPress Front End Users Plugin <= 3.2.24 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-2830MEDIUMWordPress WP Testimonials Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-51474HIGHWordPress TerraClassifieds plugin <= 2.0.3 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerabilityEPSS 0.3%CVE-2024-30252LOWGitHub Security Lab (GHSL) Vulnerability Report, livemarks: `GHSL-2024-015`EPSS 0.3%CVE-2025-6105MEDIUMjflyfox jfinal_cms HOME.java cross-site request forgeryEPSS 0.3%CVE-2022-2405MEDIUMWP Popup Builder < 1.3.0 - Subscriber+ Arbitrary Popup DeletionEPSS 0.3%CVE-2022-25778MEDIUMUnload handlers may unintentionally defeat CSRF guardsEPSS 0.3%CVE-2023-27073MEDIUMA Cross-Site Request Forgery (CSRF) in Online Food Ordering System v1.0 allows attackers to change user details and credentials via a crafteEPSS 0.3%CVE-2023-48769MEDIUMWordPress Chat Bubble Plugin <= 2.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2025-1687HIGHCardealer <= 1.6.4 - Cross-Site Request Forgery to User Update via update_user_profileEPSS 0.3%CVE-2023-28749MEDIUMWordPress CM On Demand Search And Replace Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-11416MEDIUMWIP Incoming Lite <= 1.1.1 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-13852HIGHOption Editor <= 1.0 - Cross-Site Request Forgery to Arbitrary Options UpdateEPSS 0.3%