CWE-352
9,383 CVEs • Abstraction: Compound • Likelihood of Exploit: Medium
Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
CVEs (9,383)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Cross-Site Request Forgery (CSRF) vulnerability in Pretty Links plugin <= 3.4.0 versions. |
1Tychesoftwares 1Custom Order Numbers For Woocommerce Jun 17, 2026 May 25, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin <= 1.4.0 versions. |
1Mage People 1Event Manager And Tickets Selling Plugin For Woocommerce Jun 17, 2026 May 25, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 3.7.7 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in Logaster Logaster Logo Generator plugin <= 1.3 versions. |
1Wp Basic Elements Project 1Wp Basic Elements Jun 17, 2026 May 25, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Damir Calusic WP Basic Elements plugin <= 5.2.15 versions. |
1Login And Registration Attempts Limit Project 1Login And Registration Attempts Limit Jun 17, 2026 May 25, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in German Krutov LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin <= 2.1 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in chronoengine.Com Chronoforms plugin <= 7.0.9 versions. |
1Import External Images Project 1Import External Images Jun 17, 2026 May 25, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Marty Thornley Import External Images plugin <= 1.4 versions. |
1Bulk Resize Media Project 1Bulk Resize Media Jun 17, 2026 May 25, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Marty Thornley Bulk Resize Media plugin <= 1.1 versions. |
1Villatheme 1Woocommerce Thank You Page Customizer Jun 17, 2026 May 25, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache plugin <= 5.3 versions. |
1Zorem 1Advanced Shipment Tracking For Woocommerce Jun 17, 2026 May 25, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin <= 3.5.2 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in dev.Xiligroup.Com - MS plugin <= 1.12.03 versions. |
1Internet Formation 1Wp Advanced Search Jun 17, 2026 May 24, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Mathieu Chartier WordPress WP-Advanced-Search plugin <= 3.3.8 versions. |
1Viadat 1Store Locator For Wordpress With Google Maps Jun 17, 2026 May 24, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Viadat Creations Store Locator for WordPress with Google Maps – LotsOfLocales plugin <= 3.98.7 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in Kopa Theme Kopa Framework plugin <= 1.3.5 versions. |
Cross-Site Request Forgery (CSRF) vulnerability in Etison, LLC ClickFunnels plugin <= 3.1.1 versions. |
1Bookingultrapro 1Booking Ultra Pro Appointments Booking Calendar Jun 17, 2026 May 24, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.4 versions. |
1Weightbasedshipping 1Woocommerce Weight Based Shipping Jun 17, 2026 May 24, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in weightbasedshipping.Com WooCommerce Weight Based Shipping plugin <= 5.4.1 versions. |
1Codedropz 1Drag And Drop Multiple File Upload Contact Form 7 Jun 17, 2026 May 24, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload – Contact Form 7 plugin <= 1.3.6.5 versions. |