Filtered by CWE-352
Filtered by vendor Subscriptions
Total 8349 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-57611 1 07fly 1 07flycms 2025-04-15 3.5 Low
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/doAdminAction.php?act=editShop&shopId.
CVE-2024-57159 1 07fly 1 07flycms 2025-04-15 3.5 Low
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.html.
CVE-2024-33651 1 Mf Gig Calendar Project 1 Mf Gig Calendar 2025-04-15 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar : from n/a through 1.2.1.
CVE-2022-29468 1 Wwbn 1 Avideo 2025-04-15 8.8 High
A cross-site request forgery (CSRF) vulnerability exists in WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability.
CVE-2025-2871 2025-04-15 4.3 Medium
The WordPress Mega Menu – QuadMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.0. This is due to missing or incorrect nonce validation on the ajax_dismiss_notice() function. This makes it possible for unauthenticated attackers to update any user meta to a value of one, including wp_capabilities which could result in a privilege deescalation of an administrator, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
CVE-2025-27009 2025-04-15 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions allegro allows Stored XSS.This issue affects My auctions allegro: from n/a through 3.6.20.
CVE-2025-30965 2025-04-15 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in NotFound WPJobBoard allows Cross Site Request Forgery. This issue affects WPJobBoard: from n/a through n/a.
CVE-2024-34957 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 5.4 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/sysImages_deal.php?mudi=infoSet.
CVE-2024-34958 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 6.5 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=add
CVE-2024-35011 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 5.4 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=rev&nohrefStr=close.
CVE-2024-35012 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 6.3 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=add&nohrefStr=close.
CVE-2024-35039 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 3.8 Low
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal.php?mudi=area.
CVE-2024-35108 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/homePro_deal.php?mudi=del&dataType=&dataTypeCN.
CVE-2024-35109 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 6.5 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /homePro_deal.php?mudi=add&nohrefStr=close.
CVE-2024-36670 1 Idccms 1 Idccms 2025-04-15 8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=del
CVE-2024-39019 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 5.4 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/idcProData_deal.php?mudi=del
CVE-2024-39020 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 6.3 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/vpsApiData_deal.php?mudi=rev&nohrefStr=close
CVE-2024-39021 1 Idccms 1 Idccms 2025-04-15 5.4 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApiData_deal.php?mudi=del
CVE-2024-39022 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/infoSys_deal.php?mudi=deal
CVE-2024-39023 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/info_deal.php?mudi=add&nohrefStr=close