CWE-352
Cross-Site Request Forgery (CSRF)
Description
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-111 · CAPEC-462 · CAPEC-467 · CAPEC-62
CVEs mapped to this weakness (5,713)
page 177 of 286| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-31456 | Med | 0.28 | 4.3 | 0.00 | Mar 28, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in bsndev Ultimate Security Checker ultimate-security-checker allows Cross Site Request Forgery.This issue affects Ultimate Security Checker: from n/a through <= 4.2. | ||
| CVE-2025-31438 | Med | 0.28 | 4.3 | 0.00 | Mar 28, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Benoit De Boeck WP Supersized wp-supersized allows Cross Site Request Forgery.This issue affects WP Supersized: from n/a through <= 3.1.6. | ||
| CVE-2025-31079 | Med | 0.28 | 4.3 | 0.00 | Mar 28, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in usermaven Usermaven usermaven allows Cross Site Request Forgery.This issue affects Usermaven: from n/a through <= 1.2.1. | ||
| CVE-2025-22637 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in verkkovaraani Print PDF Generator and Publisher nopeamedia allows Cross Site Request Forgery.This issue affects Print PDF Generator and Publisher: from n/a through <= 1.2.0. | ||
| CVE-2025-22669 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in AwesomeTOGI Awesome Event Booking awesome-event-booking allows Cross Site Request Forgery.This issue affects Awesome Event Booking: from n/a through <= 2.7.5. | ||
| CVE-2025-30923 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in powerfulwp Gift Message for WooCommerce gift-message-for-woocommerce allows Cross Site Request Forgery.This issue affects Gift Message for WooCommerce: from n/a through <= 1.7.8. | ||
| CVE-2025-30888 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Cross Site Request Forgery.This issue affects Custom Fields Account Registration For Woocommerce: from… | ||
| CVE-2025-30872 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Nitin Prakash Product Author for WooCommerce wc-product-author allows Cross Site Request Forgery.This issue affects Product Author for WooCommerce: from n/a through <= 1.0.7. | ||
| CVE-2025-30865 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in fuzzoid 3DPrint Lite 3dprint-lite allows Cross Site Request Forgery.This issue affects 3DPrint Lite: from n/a through <= 2.1.3.5. | ||
| CVE-2025-30863 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms integration-for-contact-form-7-and-google-sheets allows Cross Site Request Forgery.This issue affects Integration for Google Sheets and… | ||
| CVE-2025-30862 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Cross Site Request Forgery.This issue affects reCAPTCHA for all: from n/a through <= 2.22. | ||
| CVE-2025-30856 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager custom-field-for-wp-job-manager allows Cross Site Request Forgery.This issue affects Custom Field For WP Job Manager: from n/a through <= 1.4. | ||
| CVE-2025-30854 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support serial-codes-generator-and-validator allows Cross Site Request Forgery.This issue affects Serial Codes Generator and Validator with WooCommerce Support:… | ||
| CVE-2025-30842 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in pixolette Christmas Panda christmas-panda allows Cross Site Request Forgery.This issue affects Christmas Panda: from n/a through <= 1.0.4. | ||
| CVE-2025-30833 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D verge3d allows Cross Site Request Forgery.This issue affects Verge3D: from n/a through <= 4.8.2. | ||
| CVE-2025-30823 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Boone Gorges Anthologize anthologize allows Cross Site Request Forgery.This issue affects Anthologize: from n/a through <= 0.8.2. | ||
| CVE-2025-30822 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Hakik Zaman Custom Login Logo ideal-wp-login-logo-changer allows Cross Site Request Forgery.This issue affects Custom Login Logo: from n/a through <= 1.1.7. | ||
| CVE-2025-30816 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Nks publish post email notification publish-post-email-notification allows Cross Site Request Forgery.This issue affects publish post email notification: from n/a through <= 1.0.2.3. | ||
| CVE-2025-30815 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou Hesabfa Accounting hesabfa-accounting allows Cross Site Request Forgery.This issue affects Hesabfa Accounting: from n/a through <= 2.1.8. | ||
| CVE-2025-30811 | Med | 0.28 | 4.3 | 0.00 | Mar 27, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla ValidateCertify validar-certificados-de-cursos allows Cross Site Request Forgery.This issue affects ValidateCertify: from n/a through <= 1.6.1. |
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in bsndev Ultimate Security Checker ultimate-security-checker allows Cross Site Request Forgery.This issue affects Ultimate Security Checker: from n/a through <= 4.2.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Benoit De Boeck WP Supersized wp-supersized allows Cross Site Request Forgery.This issue affects WP Supersized: from n/a through <= 3.1.6.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in usermaven Usermaven usermaven allows Cross Site Request Forgery.This issue affects Usermaven: from n/a through <= 1.2.1.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in verkkovaraani Print PDF Generator and Publisher nopeamedia allows Cross Site Request Forgery.This issue affects Print PDF Generator and Publisher: from n/a through <= 1.2.0.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in AwesomeTOGI Awesome Event Booking awesome-event-booking allows Cross Site Request Forgery.This issue affects Awesome Event Booking: from n/a through <= 2.7.5.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in powerfulwp Gift Message for WooCommerce gift-message-for-woocommerce allows Cross Site Request Forgery.This issue affects Gift Message for WooCommerce: from n/a through <= 1.7.8.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Cross Site Request Forgery.This issue affects Custom Fields Account Registration For Woocommerce: from…
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Nitin Prakash Product Author for WooCommerce wc-product-author allows Cross Site Request Forgery.This issue affects Product Author for WooCommerce: from n/a through <= 1.0.7.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in fuzzoid 3DPrint Lite 3dprint-lite allows Cross Site Request Forgery.This issue affects 3DPrint Lite: from n/a through <= 2.1.3.5.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms integration-for-contact-form-7-and-google-sheets allows Cross Site Request Forgery.This issue affects Integration for Google Sheets and…
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Cross Site Request Forgery.This issue affects reCAPTCHA for all: from n/a through <= 2.22.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager custom-field-for-wp-job-manager allows Cross Site Request Forgery.This issue affects Custom Field For WP Job Manager: from n/a through <= 1.4.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support serial-codes-generator-and-validator allows Cross Site Request Forgery.This issue affects Serial Codes Generator and Validator with WooCommerce Support:…
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in pixolette Christmas Panda christmas-panda allows Cross Site Request Forgery.This issue affects Christmas Panda: from n/a through <= 1.0.4.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D verge3d allows Cross Site Request Forgery.This issue affects Verge3D: from n/a through <= 4.8.2.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Boone Gorges Anthologize anthologize allows Cross Site Request Forgery.This issue affects Anthologize: from n/a through <= 0.8.2.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Hakik Zaman Custom Login Logo ideal-wp-login-logo-changer allows Cross Site Request Forgery.This issue affects Custom Login Logo: from n/a through <= 1.1.7.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Nks publish post email notification publish-post-email-notification allows Cross Site Request Forgery.This issue affects publish post email notification: from n/a through <= 1.0.2.3.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou Hesabfa Accounting hesabfa-accounting allows Cross Site Request Forgery.This issue affects Hesabfa Accounting: from n/a through <= 2.1.8.
- risk 0.28cvss 4.3epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla ValidateCertify validar-certificados-de-cursos allows Cross Site Request Forgery.This issue affects ValidateCertify: from n/a through <= 1.6.1.