Weaknesses of type CWE-352
5,724 resultsCVE-2024-8489HIGHCSRF due to overly permissive CORS headers in modelscope/agentscopeEPSS 0.2%CVE-2023-46775MEDIUMWordPress Original texts Yandex WebMaster Plugin <= 1.18 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-47175MEDIUMWordPress Royal Elementor Addons Plugin <= 1.3.75 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45651MEDIUMWordPress WP Attachments Plugin <= 5.0.11 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-41131MEDIUMWordPress Sp*tify Play Button for WordPress Plugin <= 2.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-46087MEDIUMWordPress Who Hit The Page – Hit Counter Plugin <= 1.4.14.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-47172MEDIUMWordPress WooLentor Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-25770MEDIUMWangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /agency/AgencyUserController.java.EPSS 0.2%CVE-2023-46781MEDIUMWordPress Current Menu Item for Custom Post Types Plugin <= 1.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-3083HIGHA “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrativeEPSS 0.2%CVE-2025-24738MEDIUMWordPress Call Now Button plugin <= 1.4.13 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-5823MEDIUMWordPress TK Google Fonts GDPR Compliant Plugin <= 2.2.11 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-31934MEDIUMWordPress Link Whisper Free plugin <= 0.6.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-25980MEDIUMWordPress Optimize Database after Deleting Revisions Plugin <= 5.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-32124MEDIUMWordPress Publish Confirm Message Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45274MEDIUMWordPress SendPulse Free Web Push Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45606MEDIUMWordPress Simple URLs Plugin <= 120 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-37892MEDIUMWordPress Shortcode IMDB Plugin <= 6.0.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45643MEDIUMWordPress CPT Shortcode Generator Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45605MEDIUMWordPress Feed Statistics Plugin <= 4.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%