Weaknesses of type CWE-352

5,720 results
CVE-2024-1162MEDIUMOrbit Fox by ThemeIsle <= 2.10.29 - Cross-Site Request ForgeryEPSS 0.2%CVE-2023-23984MEDIUMWordPress Bubble Menu – circle floating menu Plugin <= 3.0.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-5818MEDIUMAmazonify <= 0.8.1 - Cross-Site Request Forgery to Amazon Tracking ID UpdateEPSS 0.2%CVE-2022-45824MEDIUMWordPress Advanced Booking Calendar Plugin <= 1.7.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-39563MEDIUMWordPress Conditional Payments for WooCommerce plugin <= 3.3.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-47100HIGHA vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0), SIMATIC S7-1200 CPU 1211C DC/DC/DC (6ES7211EPSS 0.2%CVE-2024-36669MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=add.EPSS 0.2%CVE-2023-22681MEDIUMWordPress Online Exam Software : eExamhall Plugin <= 4.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-52446HIGHWordPress Buying Buddy IDX CRM plugin <= 1.2.8 - CSRF to PHP Object Injection vulnerabilityEPSS 0.2%CVE-2022-27628MEDIUMWordPress WZone – Lite Version Plugin <= 3.1 Lite is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-4454MEDIUMCross-Site Request Forgery (CSRF) in wallabag/wallabagEPSS 0.2%CVE-2023-6671MEDIUMCross-Site Request Forgery on OPEN JOURNAL SYSTEMSEPSS 0.2%CVE-2023-23974MEDIUMWordPress Quick Event Manager Plugin <= 9.7.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-5383MEDIUMFunnelforms Free <= 3.4 - Cross-Site Request Forgery to Arbitrary Post DuplicationEPSS 0.2%CVE-2023-52047HIGHDedecms v5.7.112 was discovered to contain a Cross-Site Request Forgery (CSRF) in the file manager.EPSS 0.2%CVE-2022-35730MEDIUMWordPress Oceanwp sticky header plugin <= 1.0.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-25107CRITICALWordPress OneStore Sites plugin <= 0.1.1 - CSRF to Arbitrary Plugin Installation vulnerabilityEPSS 0.2%CVE-2025-7812HIGHVideo Share VOD – Turnkey Video Site Builder Script <= 2.7.6 - Cross-Site Request Forgery to Command InjectionEPSS 0.2%CVE-2025-39564MEDIUMWordPress Conditional Shipping for WooCommerce plugin <= 3.4.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2023-51531MEDIUMWordPress Thrive Automator Plugin <= 1.17 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%