Weaknesses of type CWE-352

5,720 results
CVE-2023-48258MEDIUMThe vulnerability allows a remote attacker to delete arbitrary files on the file system via a crafted URL or HTTP request through a victim’EPSS 0.2%CVE-2025-68434HIGHopensourcepos has Cross-Site Request Forgery vulnerability that leads to Unauthorized Administrator CreationEPSS 0.2%CVE-2024-28731HIGHCross Site Request Forgery vulnerability in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME allows a local aEPSS 0.2%CVE-2024-32445MEDIUMWordPress WebinarIgnition plugin <= 3.05.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-42475MEDIUMOAuth library for nim allows insecure generation of state values by generateState - entropy too low and uses regular PRNG instead of CSPRNGEPSS 0.2%CVE-2024-27195HIGHWordPress Watermark RELOADED plugin <= 1.3.5 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2024-33651MEDIUMWordPress MF Gig Calendar plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-7420MEDIUMInsert PHP Code Snippet <= 1.3.6 - Cross-Site Request Forgery to Code Snippet Activate/Deactivate/DeletionEPSS 0.2%CVE-2024-55894MEDIUMTYPO3 Cross-Site Request Forgery in Backend User ModuleEPSS 0.2%CVE-2024-22601HIGHFlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/scorerule_saveEPSS 0.2%CVE-2025-31828MEDIUMWordPress Easy!Appointments plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2024-32793MEDIUMWordPress Paid Memberships Pro plugin <= 2.12.10 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-41987HIGHCross-Site Request Forgery (CSRF) vulnerability in TEM Opera Plus FM Family TransmitterEPSS 0.2%CVE-2024-20421HIGHCisco ATA 190 Series Analog Telephone Adapter Firmware Cross-Site Request Forgery VulnerabilityEPSS 0.2%CVE-2024-55893MEDIUMTYPO3 Cross-Site Request Forgery in Log ModuleEPSS 0.2%CVE-2023-32123MEDIUMWordPress The7 Theme <= 11.7.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-7035MEDIUMCross-Site Request Forgery (CSRF) in open-webui/open-webuiEPSS 0.2%CVE-2023-47186MEDIUMWordPress Kadence WooCommerce Email Designer Plugin <= 1.5.11 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-4454MEDIUMCross-Site Request Forgery (CSRF) in wallabag/wallabagEPSS 0.2%CVE-2023-23984MEDIUMWordPress Bubble Menu – circle floating menu Plugin <= 3.0.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%