Weaknesses of type CWE-352
5,733 resultsCVE-2025-12879HIGHUser Generator and Importer <= 1.2.2 - Cross-Site Request Forgery to Privilege Escalation via Arbitrary Administrator Account CreationEPSS 0.2%CVE-2025-0610HIGHCSRF in Akinsoft's QR MenuEPSS 0.2%CVE-2025-0748MEDIUMHomey <= 2.4.3 - Cross-Site Request Forgery to User VerificationEPSS 0.2%CVE-2024-53778HIGHWordPress Essential Breadcrumbs plugin <= 1.1.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-8669MEDIUMCustomify <= 0.4.11 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-50586MEDIUMStudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).EPSS 0.2%CVE-2026-35096MEDIUMCross-Site Request Forgery (CSRF) in KTM System e-BOKEPSS 0.2%CVE-2026-29784HIGHGhost: Incomplete CSRF protections around OTC useEPSS 0.2%CVE-2026-11784MEDIUMOptimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization <= 4.2.6 - Cross-Site Request Forgery via 'optml_replace_file' AJAX ActionEPSS 0.2%CVE-2025-9622MEDIUMWP Blast | SEO & Performance Booster <= 1.8.6 - Cross-Site Request Forgery to Cache ClearingEPSS 0.2%CVE-2026-40326HIGHMasa CMS CSRF in site bundle creation allows unauthorized site data exportEPSS 0.2%CVE-2024-49237HIGHWordPress Ahmeti Wp Timeline plugin <= 5.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-24540MEDIUMWordPress Website Builder by SeedProd plugin <= 6.18.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-49223HIGHWordPress CJ Change Howdy plugin <= 3.3.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2018-25435MEDIUMZeusCart 4.0 Deactivate Customer Accounts CSRFEPSS 0.2%CVE-2024-43192MEDIUMIBM Storage TS4500 Library cross-site request forgeryEPSS 0.2%CVE-2026-4140MEDIUMNi WooCommerce Order Export <= 3.1.6 - Cross-Site Request Forgery to Settings Update via ni_order_export_action AJAX ActionEPSS 0.2%CVE-2025-9633MEDIUMLH Signing <= 2.83 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-31482MEDIUMFreshRSS vulnerable to DoS by malicious feed entry loading logout URLEPSS 0.2%CVE-2025-23113LOWAn issue was discovered in REDCap 14.9.6. It has an action=myprojects&logout=1 CSRF issue in the alert-title while performing an upload of aEPSS 0.2%