VYPR

CWE-352

Cross-Site Request Forgery (CSRF)

CompoundStableLikelihood: Medium

Description

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-111 · CAPEC-462 · CAPEC-467 · CAPEC-62

CVEs mapped to this weakness (5,713)

page 177 of 286
  • CVE-2025-31456MedMar 28, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in bsndev Ultimate Security Checker ultimate-security-checker allows Cross Site Request Forgery.This issue affects Ultimate Security Checker: from n/a through <= 4.2.

  • CVE-2025-31438MedMar 28, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Benoit De Boeck WP Supersized wp-supersized allows Cross Site Request Forgery.This issue affects WP Supersized: from n/a through <= 3.1.6.

  • CVE-2025-31079MedMar 28, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in usermaven Usermaven usermaven allows Cross Site Request Forgery.This issue affects Usermaven: from n/a through <= 1.2.1.

  • CVE-2025-22637MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in verkkovaraani Print PDF Generator and Publisher nopeamedia allows Cross Site Request Forgery.This issue affects Print PDF Generator and Publisher: from n/a through <= 1.2.0.

  • CVE-2025-22669MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in AwesomeTOGI Awesome Event Booking awesome-event-booking allows Cross Site Request Forgery.This issue affects Awesome Event Booking: from n/a through <= 2.7.5.

  • CVE-2025-30923MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in powerfulwp Gift Message for WooCommerce gift-message-for-woocommerce allows Cross Site Request Forgery.This issue affects Gift Message for WooCommerce: from n/a through <= 1.7.8.

  • CVE-2025-30888MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Custom Fields Account Registration For Woocommerce custom-fields-account-registration-for-woocommerce allows Cross Site Request Forgery.This issue affects Custom Fields Account Registration For Woocommerce: from…

  • CVE-2025-30872MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Nitin Prakash Product Author for WooCommerce wc-product-author allows Cross Site Request Forgery.This issue affects Product Author for WooCommerce: from n/a through <= 1.0.7.

  • CVE-2025-30865MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in fuzzoid 3DPrint Lite 3dprint-lite allows Cross Site Request Forgery.This issue affects 3DPrint Lite: from n/a through <= 2.1.3.5.

  • CVE-2025-30863MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms integration-for-contact-form-7-and-google-sheets allows Cross Site Request Forgery.This issue affects Integration for Google Sheets and…

  • CVE-2025-30862MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Cross Site Request Forgery.This issue affects reCAPTCHA for all: from n/a through <= 2.22.

  • CVE-2025-30856MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager custom-field-for-wp-job-manager allows Cross Site Request Forgery.This issue affects Custom Field For WP Job Manager: from n/a through <= 1.4.

  • CVE-2025-30854MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support serial-codes-generator-and-validator allows Cross Site Request Forgery.This issue affects Serial Codes Generator and Validator with WooCommerce Support:…

  • CVE-2025-30842MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in pixolette Christmas Panda christmas-panda allows Cross Site Request Forgery.This issue affects Christmas Panda: from n/a through <= 1.0.4.

  • CVE-2025-30833MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D verge3d allows Cross Site Request Forgery.This issue affects Verge3D: from n/a through <= 4.8.2.

  • CVE-2025-30823MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Boone Gorges Anthologize anthologize allows Cross Site Request Forgery.This issue affects Anthologize: from n/a through <= 0.8.2.

  • CVE-2025-30822MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Hakik Zaman Custom Login Logo ideal-wp-login-logo-changer allows Cross Site Request Forgery.This issue affects Custom Login Logo: from n/a through <= 1.1.7.

  • CVE-2025-30816MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Nks publish post email notification publish-post-email-notification allows Cross Site Request Forgery.This issue affects publish post email notification: from n/a through <= 1.0.2.3.

  • CVE-2025-30815MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou Hesabfa Accounting hesabfa-accounting allows Cross Site Request Forgery.This issue affects Hesabfa Accounting: from n/a through <= 2.1.8.

  • CVE-2025-30811MedMar 27, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla ValidateCertify validar-certificados-de-cursos allows Cross Site Request Forgery.This issue affects ValidateCertify: from n/a through <= 1.6.1.