Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-352 Clear
ID Title
CVE-2026-57290 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57290)
vulnerability in csrf (CVE-2026-57290). Risk of unauthorized operations or information disclosure.
CVE-2026-57295 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57295)
vulnerability in csrf (CVE-2026-57295). Risk of unauthorized operations or information disclosure.
CVE-2026-57292 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57292)
vulnerability in csrf (CVE-2026-57292). Risk of unauthorized operations or information disclosure.
CVE-2026-57283 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57283)
vulnerability in csrf (CVE-2026-57283). Risk of unauthorized operations or information disclosure.
CVE-2026-9724 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9724)
vulnerability in wordpress (CVE-2026-9724). Risk of unauthorized operations or information disclosure.
CVE-2026-9721 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9721)
vulnerability in wordpress (CVE-2026-9721). Risk of unauthorized operations or information disclosure.
CVE-2026-8905 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8905)
vulnerability in wordpress (CVE-2026-8905). Risk of unauthorized operations or information disclosure.
CVE-2026-6292 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6292)
vulnerability in wordpress (CVE-2026-6292). Risk of unauthorized operations or information disclosure.
CVE-2026-11997 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11997)
vulnerability in wordpress (CVE-2026-11997). Risk of unauthorized operations or information disclosure.
CVE-2026-10552 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-10552)
vulnerability in wordpress (CVE-2026-10552). Risk of unauthorized operations or information disclosure.
CVE-2026-52800 Cross-Site Request Forgery (CSRF) in gogs.io/gogs (CVE-2026-52800)
vulnerability in gogs.io/gogs (CVE-2026-52800). Successful exploitation can lead to full system takeover. Exploitable via ``TeamsAction``. Mitigation: upgrade to `0.14.3` or later.
CVE-2026-50132 Vulnerability in @budibase/server (CVE-2026-50132)
vulnerability in @budibase/server (CVE-2026-50132). Confidential information can be exposed externally. Exploitable via `GET /api/chat-links/`. Mitigation: upgrade to `3.39.0` or later.
CVE-2026-49871 Cross-Site Request Forgery (CSRF) in apache (CVE-2026-49871)
vulnerability in apache (CVE-2026-49871). Confidential information can be exposed externally.
CVE-2026-11775 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11775)
vulnerability in wordpress (CVE-2026-11775). Risk of unauthorized operations or information disclosure.
CVE-2026-56024 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-56024)
vulnerability in csrf (CVE-2026-56024). Risk of unauthorized operations or information disclosure.
CVE-2026-54220 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-54220)
vulnerability in csrf (CVE-2026-54220). Risk of unauthorized operations or information disclosure.
CVE-2026-55745 Cross-Site Request Forgery (CSRF) in cotonti/cotonti (CVE-2026-55745)
vulnerability in cotonti/cotonti (CVE-2026-55745). Risk of unauthorized operations or information disclosure.
CVE-2026-55742 Cross-Site Request Forgery (CSRF) in cotonti/cotonti (CVE-2026-55742)
vulnerability in cotonti/cotonti (CVE-2026-55742). Successful exploitation can lead to full system takeover.
CVE-2026-55744 Cross-Site Request Forgery (CSRF) in cotonti/cotonti (CVE-2026-55744)
vulnerability in cotonti/cotonti (CVE-2026-55744). Confidential information can be exposed externally.
CVE-2026-55741 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-55741)
vulnerability in csrf (CVE-2026-55741). Successful exploitation can lead to full system takeover.
CVE-2026-11784 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11784)
vulnerability in wordpress (CVE-2026-11784). Risk of unauthorized operations or information disclosure.
CVE-2026-9591 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-9591)
vulnerability in csrf (CVE-2026-9591). Risk of unauthorized operations or information disclosure.
CVE-2026-22342 Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
CVE-2024-34810 Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-34810)
vulnerability in csrf (CVE-2024-34810). Risk of unauthorized operations or information disclosure.
CVE-2024-35648 Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-35648)
vulnerability in csrf (CVE-2024-35648). Risk of unauthorized operations or information disclosure.
CVE-2026-46955 Cross-Site Scripting (XSS) in c (CVE-2026-46955)
cross-site scripting in c (CVE-2026-46955). Successful exploitation can lead to full system takeover.
CVE-2026-46894 Cross-Site Request Forgery (CSRF) in c (CVE-2026-46894)
vulnerability in c (CVE-2026-46894). Successful exploitation can lead to full system takeover.
CVE-2026-46869 Cross-Site Request Forgery (CSRF) in c (CVE-2026-46869)
vulnerability in c (CVE-2026-46869). Confidential information can be exposed externally.
CVE-2026-46787 Cross-Site Request Forgery (CSRF) in c (CVE-2026-46787)
vulnerability in c (CVE-2026-46787). Confidential information can be exposed externally.
CVE-2026-46785 Cross-Site Request Forgery (CSRF) in c (CVE-2026-46785)
vulnerability in c (CVE-2026-46785). Confidential information can be exposed externally.
CVE-2026-46786 Cross-Site Request Forgery (CSRF) in c (CVE-2026-46786)
vulnerability in c (CVE-2026-46786). Successful exploitation can lead to full system takeover.
CVE-2026-49043 Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions.
CVE-2026-48518 Cross-Site Request Forgery (CSRF) in CVE-2026-48518 (CVE-2026-48518)
vulnerability in CVE-2026-48518 (CVE-2026-48518). Risk of unauthorized operations or information disclosure. Exploitable via `POST /multi-juicer/api/teams/{team}/join`.
CVE-2026-53663 Cross-Site Request Forgery (CSRF) in react-router (CVE-2026-53663)
vulnerability in react-router (CVE-2026-53663). Risk of unauthorized operations or information disclosure. Exploitable via ``createBrowserRouter``. Mitigation: upgrade to `7.15.1` or later.
CVE-2016-20083 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20083)
vulnerability in wordpress (CVE-2016-20083). Risk of unauthorized operations or information disclosure.
CVE-2016-20074 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20074)
vulnerability in wordpress (CVE-2016-20074). Risk of unauthorized operations or information disclosure.
CVE-2016-20067 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20067)
vulnerability in wordpress (CVE-2016-20067). Risk of unauthorized operations or information disclosure.
CVE-2026-54359 Cross-Site Request Forgery (CSRF) in CVE-2026-54359 (CVE-2026-54359)
vulnerability in CVE-2026-54359 (CVE-2026-54359). Risk of unauthorized operations or information disclosure.
CVE-2026-48612 Cross-Site Request Forgery (CSRF) in CVE-2026-48612 (CVE-2026-48612)
vulnerability in CVE-2026-48612 (CVE-2026-48612). Successful exploitation can lead to full system takeover.
CVE-2022-47150 Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-47150)
vulnerability in csrf (CVE-2022-47150). Risk of unauthorized operations or information disclosure.
CVE-2022-44630 Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-44630)
vulnerability in csrf (CVE-2022-44630). Risk of unauthorized operations or information disclosure.
CVE-2024-32110 Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-32110)
vulnerability in csrf (CVE-2024-32110). Risk of unauthorized operations or information disclosure.
CVE-2026-53739 Cross-Site Request Forgery (CSRF) in CVE-2026-53739 (CVE-2026-53739)
vulnerability in CVE-2026-53739 (CVE-2026-53739). Risk of unauthorized operations or information disclosure.
CVE-2026-53736 Cross-Site Request Forgery (CSRF) in CVE-2026-53736 (CVE-2026-53736)
vulnerability in CVE-2026-53736 (CVE-2026-53736). Risk of unauthorized operations or information disclosure.
CVE-2026-49396 Cross-Site Request Forgery (CSRF) in github.com/nezhahq/nezha (CVE-2026-49396)
vulnerability in github.com/nezhahq/nezha (CVE-2026-49396). Data can be tampered with by attackers. Exploitable via `GET /api/v1/cron/`. Mitigation: upgrade to `2.0.14` or later.
CVE-2025-58468 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-58468)
vulnerability in csrf (CVE-2025-58468). Risk of unauthorized operations or information disclosure.
CVE-2026-39170 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-39170)
vulnerability in csrf (CVE-2026-39170). Risk of unauthorized operations or information disclosure.
CVE-2026-8909 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8909)
vulnerability in wordpress (CVE-2026-8909). Risk of unauthorized operations or information disclosure.
CVE-2026-8902 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8902)
vulnerability in wordpress (CVE-2026-8902). Risk of unauthorized operations or information disclosure.
CVE-2026-8904 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8904)
vulnerability in wordpress (CVE-2026-8904). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →