CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
8,781 vulnerabilities with CWE-352
CVE-2026-3770
MEDIUM
SourceCodester CLMS 1.0 - CSRF
CVSS 4.3
CVE-2026-29784
HIGH
Ghost 5.101.6-6.19.2 - CSRF
CVSS 7.5
CVE-2026-1087
MEDIUM
Guardian News Feed Plugin <1.2 - CSRF
CVSS 4.3
CVE-2026-1086
MEDIUM
WordPress Font Pairing Preview - CSRF
CVSS 4.3
CVE-2026-1085
MEDIUM
True Ranker WordPress Plugin <2.2.9 - CSRF
CVSS 4.3
CVE-2026-1073
MEDIUM
Purchase Button For Affiliate Link <1.0.2 - CSRF
CVSS 4.3
CVE-2026-2494
MEDIUM
ProfileGrid WordPress Plugin <=5.9.8.2 - CSRF
CVSS 4.3
CVE-2026-1644
MEDIUM
WP Frontend Profile <1.3.8 - CSRF
CVSS 4.3
CVE-2018-25200
MEDIUM
OOP CMS BLOG 1.0 - CSRF
CVSS 5.3
CVE-2018-25190
MEDIUM
Easyndexer 1.0 - CSRF
CVSS 5.3
CVE-2018-25186
MEDIUM
Tina4 Stack 1.0.3 - CSRF
CVSS 5.3
CVE-2018-25177
MEDIUM
Data Center Audit 2.6.2 - CSRF
CVSS 5.3
CVE-2018-25176
HIGH
Alive Parish 2.0.4 - SQL Injection
CVSS 8.2
CVE-2018-25174
MEDIUM
ABC ERP 0.6.4 - CSRF
CVSS 5.3
CVE-2018-25170
HIGH
DoceboLMS 1.2 - SQL Injection
CVSS 8.2
CVE-2026-1468
QuickCMS - CSRF
CVE-2026-3589
HIGH
WooCommerce 5.4.0-10.5.2 - CSRF
CVSS 7.5
CVE-2026-1128
MEDIUM
WP eCommerce WordPress Plugin <3.15.1 - CSRF
CVSS 4.3
CVE-2026-29084
MEDIUM
Gokapi <2.2.3 - CSRF
CVSS 4.6
CVE-2025-59541
HIGH
Chamilo <1.11.34 - CSRF
CVSS 8.1
CVE-2026-28477
HIGH
OpenClaw <2026.2.14 - Auth Bypass
CVSS 7.1
CVE-2026-30793
RustDesk Client <=1.4.5 - CSRF to Privilege Escalation
CVE-2025-64166
MEDIUM
Mercurius <16.4.0 - CSRF
CVSS 5.4
CVE-2026-2994
MEDIUM
Concrete CMS <9.4.8 - CSRF
CVSS 6.8
CVE-2021-35486
HIGH
Nokia IMPACT <19.11.2.10 - CSRF
CVSS 8.1
Details
Vulnerabilities
8,781
Exploit Likelihood
Medium