← Back
CWE-352

9,383 CVEs • Abstraction: Compound • Likelihood of Exploit: Medium

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

JSON object

Loading...

CVEs (9,383)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Secondlinethemes
1Auto Youtube Importer
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in SecondLineThemes Auto YouTube Importer plugin <= 1.0.3 versions.
1Hover Image Project
1Hover Image
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Julian Weinert // cs&m Hover Image plugin <= 1.4.1 versions.
1Stylist Project
1Stylist
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in StylistWP Extra Block Design, Style, CSS for ANY Gutenberg Blocks plugin <= 0.2.6 versions.
1Crayon Syntax Highlighter Project
1Crayon Syntax Highlighter
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Aram Kocharyan Crayon Syntax Highlighter plugin <= 2.8.4 versions.
1Xootix
1Side Cart Woocommerce
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in XootiX Side Cart Woocommerce (Ajax) < 2.1 versions.
1Loginizer
1Loginizer
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.
1Webmat
1Flexible Elementor Panel
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in WebMat Flexible Elementor Panel plugin <= 2.3.8 versions.
1Thingsforrestaurants
1Quick Restaurant Reservations
Jun 17, 2026
May 22, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in ThingsForRestaurants Quick Restaurant Reservations plugin <= 1.5.4 versions.
1Asgaros
1Asgaros Forum
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgaros Forum plugin <= 2.2.0 versions.
1My Calendar Project
1My Calendar
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.4.3 versions.
1User Meta
1User Meta Manager
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in User Meta Manager plugin <= 3.4.9 versions.
1Wp Topbar Project
1Wp Topbar
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Bob Goetz WP-TopBar plugin <= 5.36 versions.
1Supsystic
1Coming Soon
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Coming Soon by Supsystic plugin <= 1.7.10 versions.
1Srs Simple Hits Counter Project
1Srs Simple Hits Counter
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Atif N SRS Simple Hits Counter plugin <= 1.1.0 versions.
1Name Directory Project
1Name Directory
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Jeroen Peters Name Directory plugin <= 1.27.1 versions.
1Wp Tabs Slides Project
1Wp Tabs Slides
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Abdul Ibad WP Tabs Slides plugin <= 2.0.3 versions.
1Nicearma
1Dnui Delete Not Used Image
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Nicearma DNUI plugin <= 2.8.1 versions.
1Mediamatic
1Media Library Folders
Jun 17, 2026
May 22, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Plugincraft Mediamatic – Media Library Folders plugin <= 2.8.1 versions.
1Pingonline
1Dyslexiefont Free
Jun 17, 2026
May 20, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in PingOnline Dyslexiefont Free plugin <= 1.0.0 versions.
1Robosoft
1Robogallery
Jun 17, 2026
May 20, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.11 versions.