← Back
CWE-352

9,383 CVEs • Abstraction: Compound • Likelihood of Exploit: Medium

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

JSON object

Loading...

CVEs (9,383)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Upress
1Enable Accessibility
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Pretty Links plugin <= 3.4.0 versions.
1Tychesoftwares
1Custom Order Numbers For Woocommerce
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Custom Order Numbers for WooCommerce plugin <= 1.4.0 versions.
1Mage People
1Event Manager And Tickets Selling Plugin For Woocommerce
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 3.7.7 versions.
1Logaster
1Logo Generator
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Logaster Logaster Logo Generator plugin <= 1.3 versions.
1Wp Basic Elements Project
1Wp Basic Elements
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Damir Calusic WP Basic Elements plugin <= 5.2.15 versions.
1Login And Registration Attempts Limit Project
1Login And Registration Attempts Limit
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in German Krutov LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin <= 2.1 versions.
1Chronoengine
1Chronoforms
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in chronoengine.Com Chronoforms plugin <= 7.0.9 versions.
1Import External Images Project
1Import External Images
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Marty Thornley Import External Images plugin <= 1.4 versions.
1Bulk Resize Media Project
1Bulk Resize Media
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Marty Thornley Bulk Resize Media plugin <= 1.1 versions.
1Villatheme
1Woocommerce Thank You Page Customizer
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions.
1Litespeedtech
1Litespeed Cache
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache plugin <= 5.3 versions.
1Zorem
1Advanced Shipment Tracking For Woocommerce
Jun 17, 2026
May 25, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Zorem Advanced Shipment Tracking for WooCommerce plugin <= 3.5.2 versions.
1Xiligroup
1Xili Tidy Tags
Jun 17, 2026
May 24, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in dev.Xiligroup.Com - MS plugin <= 1.12.03 versions.
1Internet Formation
1Wp Advanced Search
Jun 17, 2026
May 24, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Mathieu Chartier WordPress WP-Advanced-Search plugin <= 3.3.8 versions.
1Viadat
1Store Locator For Wordpress With Google Maps
Jun 17, 2026
May 24, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Viadat Creations Store Locator for WordPress with Google Maps – LotsOfLocales plugin <= 3.98.7 versions.
1Kopatheme
1Kopa Framework
Jun 17, 2026
May 24, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Kopa Theme Kopa Framework plugin <= 1.3.5 versions.
1Clickfunnels
1Clickfunnels
Jun 17, 2026
May 24, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Etison, LLC ClickFunnels plugin <= 3.1.1 versions.
1Bookingultrapro
1Booking Ultra Pro Appointments Booking Calendar
Jun 17, 2026
May 24, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.4 versions.
1Weightbasedshipping
1Woocommerce Weight Based Shipping
Jun 17, 2026
May 24, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in weightbasedshipping.Com WooCommerce Weight Based Shipping plugin <= 5.4.1 versions.
1Codedropz
1Drag And Drop Multiple File Upload Contact Form 7
Jun 17, 2026
May 24, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Glen Don L. Mongaya Drag and Drop Multiple File Upload – Contact Form 7 plugin <= 1.3.6.5 versions.