Weaknesses of type CWE-352

5,720 results
CVE-2023-51531MEDIUMWordPress Thrive Automator Plugin <= 1.17 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2026-34394HIGHAVideo: CSRF on Admin Plugin Configuration Enables Payment Credential HijackingEPSS 0.2%CVE-2026-13887MEDIUMInappropriate implementation in NFC in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renEPSS 0.2%CVE-2024-28682MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/sys_cache_up.php.EPSS 0.2%CVE-2023-23711MEDIUMWordPress A2 Optimized WP Plugin <= 3.0.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2026-13826MEDIUMInappropriate implementation in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised thEPSS 0.2%CVE-2025-11051MEDIUMSourceCodester Pet Grooming Management Software cross-site request forgeryEPSS 0.2%CVE-2024-28678MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_description_main.phEPSS 0.2%CVE-2026-5572MEDIUMTechnostrobe HI-LED-WR120-G2 cross-site request forgeryEPSS 0.2%CVE-2025-5766MEDIUMcode-projects Laundry System cross-site request forgeryEPSS 0.2%CVE-2026-23950HIGHnode-tar has Race Condition in Path Reservations via Unicode Ligature Collisions on macOS APFSEPSS 0.2%CVE-2025-2042MEDIUMhuang-yk student-manage cross-site request forgeryEPSS 0.2%CVE-2022-3024MEDIUMSimple Bitcoin Faucets <= 1.7.0 - Unauthorised AJAX Call to Stored XSSEPSS 0.2%CVE-2022-46797MEDIUMWordPress Conversios.io Plugin <= 5.2.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-32693HIGHWordPress Automatic plugin < 3.93.0 - Multiple Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31942MEDIUMWordPress Calendarista Basic Edition plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-51381HIGHCross-Site Request Forgery (CSRF) vulnerability in JATOS v3.9.3 that allows attackers to perform actions reserved for administrators, includEPSS 0.2%CVE-2025-13282HIGHChunghwa Telecom|TenderDocTransfer - Arbitrary File DeleteEPSS 0.2%CVE-2024-6841MEDIUMCSRF in vanna-ai/vannaEPSS 0.2%CVE-2023-38579HIGHWestermo Lynx 206-F2G Cross-Site Request ForgeryEPSS 0.2%