Weaknesses of type CWE-352
5,711 resultsCVE-2023-0438MEDIUMCross-Site Request Forgery (CSRF) in modoboa/modoboaEPSS 0.3%CVE-2021-4408MEDIUMDW Question & Answer <= 1.5.8 - Cross-Site Request Forgery BypassEPSS 0.3%CVE-2022-2223MEDIUMImage Slider <= 1.1.121 - Cross-Site Request Forgery to Post DuplicationEPSS 0.3%CVE-2021-4409MEDIUMWooCommerce Etsy Integration <= 3.3.1 - Cross-Site Request Forgery BypassEPSS 0.3%CVE-2024-26271HIGHCross-site request forgery (CSRF) vulnerability in the My Account widget in Liferay Portal 7.4.3.75 through 7.4.3.111, and Liferay DXP 2023.EPSS 0.3%CVE-2021-4407MEDIUMCustom Banners <= 3.2.2 - Cross-Site Request Forgery BypassEPSS 0.3%CVE-2021-4410MEDIUMQtranslate Slug <= 1.1.18 - Cross-Site Request Forgery BypassEPSS 0.3%CVE-2021-4412MEDIUMWP Prayer <= 1.6.5 - Cross-Site Request Forgery BypassEPSS 0.3%CVE-2024-37758HIGHImproper access control in the endpoint /RoleMenuMapping/AddRoleMenu of Digiteam v4.21.0.0 allows authenticated attackers to escalate privilEPSS 0.3%CVE-2023-26839MEDIUMA cross-site request forgery (CSRF) vulnerability in ChurchCRM v4.5.3 allows attackers to edit information for existing people on the site.EPSS 0.3%CVE-2023-25985MEDIUMWordPress WordPress Tooltips Plugin <= 8.2.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-5676MEDIUMParadox IP150 Internet Module Cross-Site Request ForgeryEPSS 0.3%CVE-2022-3632MEDIUMOAuth Client by DigitialPixies <= 1.1.0 - CSRFEPSS 0.3%CVE-2021-24730—Logo Showcase with Slick Slider < 1.2.5 - Subscriber+ Arbitrary Media Title/Description/Alt Text/URL UpdateEPSS 0.3%CVE-2023-31235MEDIUMWordPress Participants Database Plugin <= 2.4.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2022-47373MEDIUMReflected Cross Site Scripting in Search Functionality of Module LibraryEPSS 0.3%CVE-2023-34030MEDIUMWordPress Complianz and Complianz Premium plugins - Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-32579MEDIUMWordPress Forget About Shortcode Buttons Plugin <= 2.1.2 is vulnerable to Broken Access ControlEPSS 0.3%CVE-2025-62593CRITICALRay is vulnerable to RCE via Safari & Firefox Browsers through DNS Rebinding AttackEPSS 0.3%CVE-2024-53472HIGHWeGIA v3.2.0 was discovered to contain a Cross-Site Request Forgery (CSRF).EPSS 0.3%