Weaknesses of type CWE-352

5,724 results
CVE-2023-5982MEDIUMUpdraftPlus <= 1.23.10 - Cross-Site Request Forgery to Google Drive Storage UpdateEPSS 0.2%CVE-2024-8476MEDIUMEasy PayPal Events <= 1.2.1 - Cross-Site Request Forgery to Arbitrary Post DeletionEPSS 0.2%CVE-2024-55945MEDIUMCross-Site Request Forgery in DB Check Module in TYPO3EPSS 0.2%CVE-2025-7834MEDIUMPHPGurukul Complaint Management System cross-site request forgeryEPSS 0.2%CVE-2023-24417MEDIUMWordPress Worthy – VG WORT Integration für WordPress Plugin <= 1.6.5-6497609 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-40198MEDIUMWordPress TeraWallet – For WooCommerce Plugin <= 1.3.24 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-35044MEDIUMWordPress Securimage-WP Plugin <= 3.6.16 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-24706MEDIUMWordPress WP-CFM Plugin <= 1.7.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-6197MEDIUMAudio Merchant <= 5.0.4 - Cross-Site Request Forgery to Settings Modifcation and Stored Cross-Site ScriptingEPSS 0.2%CVE-2024-2951MEDIUMWordPress RegistrationMagic plugin <= 5.3.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-20228MEDIUMMaintenance mode state change of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF) in Splunk EnterpriseEPSS 0.2%CVE-2024-8980CRITICALThe Script Console in Liferay Portal 7.0.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA EPSS 0.2%CVE-2025-6476MEDIUMSourceCodester Gym Management System cross-site request forgeryEPSS 0.2%CVE-2024-54307MEDIUMWordPress AIcomments plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-35877HIGHWordPress Extra User Details Plugin <= 0.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-12774MEDIUMAltra Side Menu <= 2.0 - Abitrary Menu Deletion via CSRFEPSS 0.2%CVE-2021-36855MEDIUMWordPress Booking Ultra Pro plugin <= 1.1.4 - Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-34029MEDIUMWordPress Disable WordPress Update Notifications Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-46806MEDIUMWordPress Cart All In One For WooCommerce Plugin <= 1.1.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-54300MEDIUMWordPress AutoWP plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%