CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,119 vulnerabilities with CWE-352
CVE-2026-24007
MEDIUM
Tuleap - CSRF
CVSS 4.6
CVE-2026-0658
MEDIUM
Five Star Restaurant Reservations <2.7.9 - CSRF
CVSS 4.3
CVE-2026-1745
MEDIUM
SourceCodester Medical Certificate Generator App 1.0 - CSRF
CVSS 4.3
CVE-2026-1165
MEDIUM
WordPress Popup Box <6.1.1 - CSRF
CVSS 4.3
CVE-2026-1398
MEDIUM
Change WP URL <1.0 - CSRF
CVSS 4.3
CVE-2026-1380
MEDIUM
Bitcoin Donate Button <1.0 - CSRF
CVSS 4.3
CVE-2026-1377
MEDIUM
imwptip WordPress <1.1 - CSRF
CVSS 4.3
CVE-2026-0818
MEDIUM
Mozilla Thunderbird < 140.7.1 - Information Disclosure
CVSS 4.3
CVE-2026-24345
HIGH
EZCast Pro II <1.17478.146 - CSRF
CVSS 8.8
CVE-2026-24408
NONE
sigstore-python <4.2.0 - CSRF
CVE-2026-24432
MEDIUM
Shenzhen Tenda W30E V2 <16.01.0.19(5037) - CSRF
CVSS 4.3
CVE-2026-1208
MEDIUM
Welcart WordPress <1.2.5 - CSRF
CVSS 4.3
CVE-2026-1088
MEDIUM
WordPress Login Page Editor <1.2 - CSRF
CVSS 4.3
CVE-2026-1081
MEDIUM
Set Bulk Post Categories <1.1 - CSRF
CVSS 4.3
CVE-2026-1076
MEDIUM
Star Review Manager <1.2.2 - CSRF
CVSS 4.3
CVE-2026-1075
MEDIUM
ZT Captcha <1.0.4 - CSRF
CVSS 4.3
CVE-2026-1070
MEDIUM
Alex User Counter <6.0 - CSRF
CVSS 4.3
CVE-2026-24596
MEDIUM
Related Posts Thumbnails Plugin <4.3.1 - CSRF
CVSS 4.3
CVE-2026-24549
MEDIUM
GeoDirectory <2.8.150 - CSRF
CVSS 4.3
CVE-2026-24542
MEDIUM
John James Jacoby WP Term Order <= 2.1.0 - CSRF
CVSS 4.3
CVE-2026-24521
MEDIUM
Kama Thumbnail <= 3.5.1 - CSRF
CVSS 4.3
CVE-2026-24384
MEDIUM
Merge + Minify + Refresh <2.15 - CSRF
CVSS 5.4
CVE-2026-24374
MEDIUM
Metagauss RegistrationMagic <= 6.0.6.9 - CSRF
CVSS 5.4
CVE-2026-24365
MEDIUM
WooCommerce Stock Manager <3.6.0 - CSRF
CVSS 5.4
CVE-2026-22483
MEDIUM
winkm89 teachPress <9.0.12 - CSRF
CVSS 5.4
Details
Vulnerabilities
9,119
Exploit Likelihood
Medium