Weaknesses of type CWE-352
5,733 resultsCVE-2025-57942MEDIUMWordPress Emergency Password Reset plugin <= 9.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-4839MEDIUMCSRF in Servers Configurations in parisneo/lollms-webuiEPSS 0.2%CVE-2026-36956HIGHA Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. TheEPSS 0.2%CVE-2026-6400MEDIUMChild Height Predictor by Ostheimer <= 1.3 - Cross-Site Request Forgery to Settings Update via Plugin Settings FormEPSS 0.2%CVE-2026-52784HIGHOpenProject: CSRF on TARGET through /users/:id via POST parameter "user[admin]"EPSS 0.2%CVE-2025-23639HIGHWordPress MDC YouTube Downloader plugin <= 3.0.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-27841HIGHSenseLive X3050 Cross-Site request forgeryEPSS 0.2%CVE-2026-13537MEDIUMCodeAstro Human Resource Management System cross-site request forgeryEPSS 0.2%CVE-2026-8194MEDIUMosTicket Dispatcher class.dispatcher.php cross-site request forgeryEPSS 0.2%CVE-2026-5624MEDIUMProjectSend upload.php cross-site request forgeryEPSS 0.2%CVE-2025-25772MEDIUMA Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add AEPSS 0.2%CVE-2023-38739MEDIUMIBM Sterling B2B Integrator cross-site request forgeryEPSS 0.2%CVE-2025-3131MEDIUMECA: Event - Condition - Action - Critical - Cross site request forgery - SA-CONTRIB-2025-031EPSS 0.2%CVE-2026-1447MEDIUMMail Mint <= 1.19.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-6214MEDIUMOmnishop <= 1.0.9 - Cross-Site Request Forgery to Arbitrary User Deletion via /users/delete REST EndpointEPSS 0.2%CVE-2018-25397MEDIUMPHP-SHOP 1.0 Cross-Site Request Forgery via users.phpEPSS 0.2%CVE-2020-37007MEDIUMLiman 0.7 - Cross-Site Request Forgery (Change Password)EPSS 0.2%CVE-2025-55043MEDIUMMuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality (csettings.cfc createBundle method) that allows uEPSS 0.2%CVE-2016-20051MEDIUMSnews CMS 1.7 Cross-Site Request Forgery via changeupEPSS 0.2%CVE-2026-4401MEDIUMDownload Monitor <= 5.1.10 - Cross-Site Request Forgery to Download Path Deletion and DisablingEPSS 0.2%