CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,119 vulnerabilities with CWE-352
CVE-2026-2994
MEDIUM
Concrete CMS <9.4.8 - CSRF
CVSS 6.8
CVE-2026-27758
MEDIUM
SODOLA SL902-SWTGW124AS <200.1.20 - CSRF
CVSS 4.3
CVE-2026-3193
LOW
Chia Blockchain 2.1.0 - CSRF
CVSS 3.1
CVE-2026-2410
MEDIUM
Disable Admin Notices 1.4.2 - CSRF
CVSS 4.3
CVE-2026-27632
LOW
Talishar <6be3871 - CSRF
CVSS 2.6
CVE-2026-27609
MEDIUM
Parse Dashboard 7.3.0-alpha.42-9.0.0-alpha.7 - CSRF
CVSS 6.5
CVE-2026-27589
MEDIUM
Caddy <2.11.1 - CSRF
CVSS 6.5
CVE-2026-27518
MEDIUM
Binardat 10G08-0800GSM <V300SP10260209 - CSRF
CVSS 4.3
CVE-2026-27741
MEDIUM
Bludit 3.16.1 - CSRF
CVSS 4.3
CVE-2026-25649
HIGH
Traccar <=6.11.1 - Open Redirect
CVSS 7.3
CVE-2026-23694
MEDIUM
Aruba HiSpeed Cache <3.0.5 - CSRF
CVE-2026-27513
MEDIUM
Shenzhen Tenda F3 V12.01.01.55 - CSRF
CVSS 4.3
CVE-2026-27146
MEDIUM
GetSimple CMS - CSRF
CVSS 4.5
CVE-2026-26317
HIGH
OpenClaw <2026.2.14 - CSRF
CVSS 7.1
CVE-2026-27090
MEDIUM
Kenta Companion <=1.3.3 - CSRF
CVSS 4.3
CVE-2026-27050
MEDIUM
RealPress <=1.1.0 - CSRF
CVSS 5.4
CVE-2026-25422
MEDIUM
Popularis Extra <=1.2.10 - CSRF
CVSS 5.4
CVE-2026-25411
MEDIUM
Revision Manager TMC <=2.8.22 - CSRF
CVSS 4.3
CVE-2026-25337
MEDIUM
Coachify <=1.1.5 - CSRF
CVSS 5.4
CVE-2026-25322
MEDIUM
PublishPress Revisions <=3.7.22 - CSRF
CVSS 5.4
CVE-2026-25319
MEDIUM
Zita Elementor Site Library <=1.6.6 - CSRF
CVSS 4.3
CVE-2026-1455
MEDIUM
Whatsiplus Scheduled Notification for Woocommerce - CSRF
CVSS 4.3
CVE-2026-2658
MEDIUM
newbee-mall - CSRF
CVSS 4.3
CVE-2026-2112
MEDIUM
Dam Spam Plugin for WordPress <=1.0.8 - CSRF
CVSS 4.3
CVE-2026-2023
MEDIUM
WP Plugin Info Card <=6.2.0 - CSRF
CVSS 4.3
Details
Vulnerabilities
9,119
Exploit Likelihood
Medium