Weaknesses of type CWE-352
5,733 resultsCVE-2024-48291MEDIUMdingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/doAdminAction.php?act=editAdmin&id=17EPSS 0.2%CVE-2024-26153MEDIUMETIC Telecom Remote Access Server (RAS) Cross-Site Request ForgeryEPSS 0.2%CVE-2025-30617MEDIUMWordPress Rewrite plugin <= 0.2.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2020-37079MEDIUMWing FTP Server < 6.2.7 - Cross-site Request ForgeryEPSS 0.2%CVE-2025-23675HIGHWordPress Import Users to MailChimp plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37417MEDIUMWordPress Coachify theme <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-30598MEDIUMWordPress OSS Upload plugin <= 4.8.9 Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-54010CRITICALWordPress FluentSnippets plugin <= 10.50 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2026-3565MEDIUMTaqnix <= 1.0.3 - Cross-Site Request Forgery to Account Deletion via 'taqnix_delete_my_account' AJAX ActionEPSS 0.2%CVE-2025-23673HIGHWordPress Email on Publish plugin <= 1.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-54390MEDIUMA Cross-Site Request Forgery (CSRF) vulnerability exists in the ResetPasswordRequest operation of Zimbra Collaboration (ZCS) when the zimbraEPSS 0.2%CVE-2025-30601MEDIUMWordPress Flipdish Ordering System plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2021-47723MEDIUMSTVS ProVision Cross-Site Request Forgery (Add Admin)EPSS 0.2%CVE-2025-52825HIGHWordPress Real Estate Manager plugin <= 7.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-32679MEDIUMWordPress User Registration Using Contact Form 7 plugin <= 2.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-43809MEDIUMCross-Site Request Forgery (CSRF) vulnerability in the server (license) registration page in Liferay Portal 7.4.0 through 7.4.3.111, and oldEPSS 0.2%CVE-2025-23710HIGHWordPress Flying Twitter Birds plugin <= 1.8 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-24875MEDIUMSameSite Defense in Depth not applied for some cookies in SAP CommerceEPSS 0.2%CVE-2026-34384MEDIUMAdmidio: Missing CSRF Protection on Registration Approval ActionsEPSS 0.2%CVE-2024-13795MEDIUMEcwid by Lightspeed Ecommerce Shopping Cart <= 6.12.27 - Cross-Site Request Forgery to Send Deactivation MessageEPSS 0.2%