CWE-352
Cross-Site Request Forgery (CSRF)
Description
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-111 · CAPEC-462 · CAPEC-467 · CAPEC-62
CVEs mapped to this weakness (5,713)
page 175 of 286| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-32274 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Cross Site Request Forgery.This issue affects WP w3all phpBB: from n/a through <= 2.9.8. | ||
| CVE-2025-32273 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in freetobook Freetobook Responsive Widget freetobook-responsive-widget allows Cross Site Request Forgery.This issue affects Freetobook Responsive Widget: from n/a through <= 1.1. | ||
| CVE-2025-32272 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins Wishlist wishlist allows Cross Site Request Forgery.This issue affects Wishlist: from n/a through <= 1.0.46. | ||
| CVE-2025-32271 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in ablancodev Woocommerce Role Pricing woocommerce-role-pricing allows Cross Site Request Forgery.This issue affects Woocommerce Role Pricing: from n/a through <= 3.5.6. | ||
| CVE-2025-32270 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Broadstreet Broadstreet Ads broadstreet allows Cross Site Request Forgery.This issue affects Broadstreet Ads: from n/a through <= 1.52.1. | ||
| CVE-2025-32269 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-zendesk allows Cross Site Request Forgery.This issue affects WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja… | ||
| CVE-2025-32268 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in www.15.to QR Code Tag for WC qr-code-tag-for-wc-from-goaskle-com allows Cross Site Request Forgery.This issue affects QR Code Tag for WC: from n/a through <= 1.9.42. | ||
| CVE-2025-32267 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in wpzinc Post to Social Media – WordPress to Hootsuite wp-to-hootsuite allows Cross Site Request Forgery.This issue affects Post to Social Media – WordPress to Hootsuite: from n/a through <= 1.5.8. | ||
| CVE-2025-32266 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in wp-buy 404 Image Redirection (Replace Broken Images) broken-images-redirection allows Cross Site Request Forgery.This issue affects 404 Image Redirection (Replace Broken Images): from n/a through <= 1.4. | ||
| CVE-2025-32265 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP jobwp allows Cross Site Request Forgery.This issue affects JobWP: from n/a through <= 2.3.9. | ||
| CVE-2025-32264 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Saiful Islam UltraAddons Elementor Lite ultraaddons-elementor-lite allows Cross Site Request Forgery.This issue affects UltraAddons Elementor Lite: from n/a through <= 2.0.2. | ||
| CVE-2025-32263 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in BeRocket Sequential Order Numbers for WooCommerce sequential-order-numbers-for-woocommerce allows Cross Site Request Forgery.This issue affects Sequential Order Numbers for WooCommerce: from n/a through <= 3.6.2. | ||
| CVE-2025-32262 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Robert D Payne RDP Wiki Embed rdp-wiki-embed allows Cross Site Request Forgery.This issue affects RDP Wiki Embed: from n/a through <= 1.2.20. | ||
| CVE-2025-32261 | Med | 0.28 | 4.3 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Kuppuraj Advanced All in One Admin Search by WP Spotlight wp-spotlight-search allows Cross Site Request Forgery.This issue affects Advanced All in One Admin Search by WP Spotlight: from n/a through <= 1.1.1. | ||
| CVE-2025-32250 | Med | 0.28 | 5.4 | 0.00 | Apr 4, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in rollbar Rollbar rollbar allows Cross Site Request Forgery.This issue affects Rollbar: from n/a through <= 2.7.1. | ||
| CVE-2025-31753 | Med | 0.28 | 4.3 | 0.00 | Apr 1, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Animesh Kumar Advanced Speed Increaser advanced-speed-increaser.This issue affects Advanced Speed Increaser: from n/a through <= 2.2.1. | ||
| CVE-2025-31888 | Med | 0.28 | 4.3 | 0.00 | Apr 1, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows Cross Site Request Forgery.This issue affects WP Multistore Locator: from n/a through <= 2.5.2. | ||
| CVE-2025-31880 | Med | 0.28 | 4.3 | 0.00 | Apr 1, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemix Pearl pearl-header-builder allows Cross Site Request Forgery.This issue affects Pearl: from n/a through <= 1.3.9. | ||
| CVE-2025-31852 | Med | 0.28 | 4.3 | 0.00 | Apr 1, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in N-Media Bulk Product Sync sync-wc-google allows Cross Site Request Forgery.This issue affects Bulk Product Sync: from n/a through <= 8.6. | ||
| CVE-2025-31845 | Med | 0.28 | 4.3 | 0.00 | Apr 1, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Rohit Choudhary Theme Duplicator theme-duplicator allows Cross Site Request Forgery.This issue affects Theme Duplicator: from n/a through <= 1.1. |
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in axew3 WP w3all phpBB wp-w3all-phpbb-integration allows Cross Site Request Forgery.This issue affects WP w3all phpBB: from n/a through <= 2.9.8.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in freetobook Freetobook Responsive Widget freetobook-responsive-widget allows Cross Site Request Forgery.This issue affects Freetobook Responsive Widget: from n/a through <= 1.1.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins Wishlist wishlist allows Cross Site Request Forgery.This issue affects Wishlist: from n/a through <= 1.0.46.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in ablancodev Woocommerce Role Pricing woocommerce-role-pricing allows Cross Site Request Forgery.This issue affects Woocommerce Role Pricing: from n/a through <= 3.5.6.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Broadstreet Broadstreet Ads broadstreet allows Cross Site Request Forgery.This issue affects Broadstreet Ads: from n/a through <= 1.52.1.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-zendesk allows Cross Site Request Forgery.This issue affects WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja…
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in www.15.to QR Code Tag for WC qr-code-tag-for-wc-from-goaskle-com allows Cross Site Request Forgery.This issue affects QR Code Tag for WC: from n/a through <= 1.9.42.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in wpzinc Post to Social Media – WordPress to Hootsuite wp-to-hootsuite allows Cross Site Request Forgery.This issue affects Post to Social Media – WordPress to Hootsuite: from n/a through <= 1.5.8.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in wp-buy 404 Image Redirection (Replace Broken Images) broken-images-redirection allows Cross Site Request Forgery.This issue affects 404 Image Redirection (Replace Broken Images): from n/a through <= 1.4.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP jobwp allows Cross Site Request Forgery.This issue affects JobWP: from n/a through <= 2.3.9.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Saiful Islam UltraAddons Elementor Lite ultraaddons-elementor-lite allows Cross Site Request Forgery.This issue affects UltraAddons Elementor Lite: from n/a through <= 2.0.2.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in BeRocket Sequential Order Numbers for WooCommerce sequential-order-numbers-for-woocommerce allows Cross Site Request Forgery.This issue affects Sequential Order Numbers for WooCommerce: from n/a through <= 3.6.2.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Robert D Payne RDP Wiki Embed rdp-wiki-embed allows Cross Site Request Forgery.This issue affects RDP Wiki Embed: from n/a through <= 1.2.20.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Kuppuraj Advanced All in One Admin Search by WP Spotlight wp-spotlight-search allows Cross Site Request Forgery.This issue affects Advanced All in One Admin Search by WP Spotlight: from n/a through <= 1.1.1.
- risk 0.28cvss 5.4epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in rollbar Rollbar rollbar allows Cross Site Request Forgery.This issue affects Rollbar: from n/a through <= 2.7.1.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Animesh Kumar Advanced Speed Increaser advanced-speed-increaser.This issue affects Advanced Speed Increaser: from n/a through <= 2.2.1.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows Cross Site Request Forgery.This issue affects WP Multistore Locator: from n/a through <= 2.5.2.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Stylemix Pearl pearl-header-builder allows Cross Site Request Forgery.This issue affects Pearl: from n/a through <= 1.3.9.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in N-Media Bulk Product Sync sync-wc-google allows Cross Site Request Forgery.This issue affects Bulk Product Sync: from n/a through <= 8.6.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Rohit Choudhary Theme Duplicator theme-duplicator allows Cross Site Request Forgery.This issue affects Theme Duplicator: from n/a through <= 1.1.