Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-352 Clear
ID Title
CVE-2026-15034 Cross-Site Request Forgery (CSRF) in flask (CVE-2026-15034)
vulnerability in flask (CVE-2026-15034). Risk of unauthorized operations or information disclosure.
CVE-2026-12002 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-12002)
vulnerability in wordpress (CVE-2026-12002). Risk of unauthorized operations or information disclosure.
CVE-2026-9731 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9731)
vulnerability in wordpress (CVE-2026-9731). Risk of unauthorized operations or information disclosure.
CVE-2026-49471 Vulnerability in flask (CVE-2026-49471)
vulnerability in flask (CVE-2026-49471). Successful exploitation can lead to full system takeover. Exploitable via `Host header`.
CVE-2026-58315 Cross-Site Request Forgery (CSRF) in jvn (CVE-2026-58315)
vulnerability in jvn (CVE-2026-58315). Risk of unauthorized operations or information disclosure.
CVE-2026-34171 Cross-Site Request Forgery (CSRF) in CVE-2026-34171 (CVE-2026-34171)
vulnerability in CVE-2026-34171 (CVE-2026-34171). Confidential information can be exposed externally. Exploitable via `GET /invitations/{uuid}`.
CVE-2026-59713 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-59713)
vulnerability in csrf (CVE-2026-59713). Confidential information can be exposed externally.
CVE-2026-14800 Cross-Site Request Forgery (CSRF) in CVE-2026-14800 (CVE-2026-14800)
vulnerability in CVE-2026-14800 (CVE-2026-14800). Risk of unauthorized operations or information disclosure.
CVE-2026-59520 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-59520)
vulnerability in csrf (CVE-2026-59520). Risk of unauthorized operations or information disclosure.
CVE-2026-12746 Cross-Site Request Forgery (CSRF) in CVE-2026-12746 (CVE-2026-12746)
vulnerability in CVE-2026-12746 (CVE-2026-12746). Confidential information can be exposed externally.
CVE-2026-12740 Cross-Site Request Forgery (CSRF) in CVE-2026-12740 (CVE-2026-12740)
vulnerability in CVE-2026-12740 (CVE-2026-12740). Confidential information can be exposed externally.
CVE-2026-14620 Cross-Site Request Forgery (CSRF) in webpackjs (CVE-2026-14620)
vulnerability in webpackjs (CVE-2026-14620). Risk of unauthorized operations or information disclosure.
CVE-2026-57766 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57766)
vulnerability in csrf (CVE-2026-57766). Successful exploitation can lead to full system takeover.
CVE-2026-57757 Unauthenticated Cross Site Request Forgery (CSRF) in pCloud WP Backup <= 2.0.2 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in pCloud WP Backup <= 2.0.2 versions.
CVE-2026-57751 Unauthenticated Cross Site Request Forgery (CSRF) in Heateor Social Login <= 1.1.39 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Heateor Social Login <= 1.1.39 versions.
CVE-2026-57758 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57758)
vulnerability in csrf (CVE-2026-57758). Risk of unauthorized operations or information disclosure.
CVE-2026-57747 Unauthenticated Cross Site Request Forgery (CSRF) in Booked <= 3.0.0 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Booked <= 3.0.0 versions.
CVE-2026-57761 Unauthenticated Cross Site Request Forgery (CSRF) in SEOWP <= 3.12.2 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in SEOWP <= 3.12.2 versions.
CVE-2026-57759 Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid <= 5.9.9.7 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid <= 5.9.9.7 versions.
CVE-2026-57690 Unauthenticated Cross Site Request Forgery (CSRF) in Werkstatt <= 4.7.2 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Werkstatt <= 4.7.2 versions.
CVE-2026-57723 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57723)
vulnerability in csrf (CVE-2026-57723). Risk of unauthorized operations or information disclosure.
CVE-2026-12158 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-12158)
vulnerability in wordpress (CVE-2026-12158). Successful exploitation can lead to full system takeover.
CVE-2026-58518 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-58518)
vulnerability in csrf (CVE-2026-58518). Risk of unauthorized operations or information disclosure.
CVE-2026-11981 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11981)
vulnerability in wordpress (CVE-2026-11981). Risk of unauthorized operations or information disclosure.
CVE-2026-14016 Cross-Site Request Forgery (CSRF) in google (CVE-2026-14016)
vulnerability in google (CVE-2026-14016). Confidential information can be exposed externally.
CVE-2026-13952 Cross-Site Request Forgery (CSRF) in google (CVE-2026-13952)
vulnerability in google (CVE-2026-13952). Risk of unauthorized operations or information disclosure.
CVE-2026-13963 Cross-Site Request Forgery (CSRF) in google (CVE-2026-13963)
vulnerability in google (CVE-2026-13963). Risk of unauthorized operations or information disclosure.
CVE-2026-13944 Cross-Site Request Forgery (CSRF) in google (CVE-2026-13944)
vulnerability in google (CVE-2026-13944). Risk of unauthorized operations or information disclosure.
CVE-2026-13946 Cross-Site Request Forgery (CSRF) in google (CVE-2026-13946)
vulnerability in google (CVE-2026-13946). Risk of unauthorized operations or information disclosure.
CVE-2026-13887 Vulnerability in google (CVE-2026-13887)
vulnerability in google (CVE-2026-13887). Confidential information can be exposed externally.
CVE-2026-13826 Vulnerability in google (CVE-2026-13826)
vulnerability in google (CVE-2026-13826). Confidential information can be exposed externally.
CVE-2026-35096 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-35096)
vulnerability in csrf (CVE-2026-35096). Risk of unauthorized operations or information disclosure.
CVE-2026-8944 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8944)
vulnerability in wordpress (CVE-2026-8944). Risk of unauthorized operations or information disclosure.
CVE-2026-43735 Cross-Site Request Forgery (CSRF) in apple (CVE-2026-43735)
vulnerability in apple (CVE-2026-43735). Confidential information can be exposed externally.
CVE-2026-31016 Cross-Site Request Forgery (CSRF) in CVE-2026-31016 (CVE-2026-31016)
vulnerability in CVE-2026-31016 (CVE-2026-31016). Risk of unauthorized operations or information disclosure.
CVE-2026-13537 Cross-Site Request Forgery (CSRF) in CVE-2026-13537 (CVE-2026-13537)
vulnerability in CVE-2026-13537 (CVE-2026-13537). Risk of unauthorized operations or information disclosure.
CVE-2026-13422 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-13422)
vulnerability in wordpress (CVE-2026-13422). Risk of unauthorized operations or information disclosure.
CVE-2026-52784 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-52784)
vulnerability in csrf (CVE-2026-52784). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `17.3.3` or later.
CVE-2026-57657 Unauthenticated Cross Site Request Forgery (CSRF) in Gmail SMTP <= 1.2.3.19 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Gmail SMTP <= 1.2.3.19 versions.
CVE-2026-57655 Unauthenticated Cross Site Request Forgery (CSRF) in Child Theme Wizard <= 1.4 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Child Theme Wizard <= 1.4 versions.
CVE-2026-57659 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57659)
vulnerability in csrf (CVE-2026-57659). Successful exploitation can lead to full system takeover.
CVE-2026-57641 Unauthenticated Cross Site Request Forgery (CSRF) in Real Estate 7 <= 3.5.9 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Real Estate 7 <= 3.5.9 versions.
CVE-2026-57635 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57635)
vulnerability in csrf (CVE-2026-57635). Data can be tampered with by attackers.
CVE-2026-57637 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57637)
vulnerability in csrf (CVE-2026-57637). Risk of unauthorized operations or information disclosure.
CVE-2025-68052 Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions.
CVE-2026-12986 Cross-Site Request Forgery (CSRF) in ssrf (CVE-2026-12986)
vulnerability in ssrf (CVE-2026-12986). Risk of unauthorized operations or information disclosure.
CVE-2026-57306 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57306)
vulnerability in csrf (CVE-2026-57306). Risk of unauthorized operations or information disclosure.
CVE-2026-57305 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57305)
vulnerability in csrf (CVE-2026-57305). Risk of unauthorized operations or information disclosure.
CVE-2026-57290 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57290)
vulnerability in csrf (CVE-2026-57290). Risk of unauthorized operations or information disclosure.
CVE-2026-57292 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57292)
vulnerability in csrf (CVE-2026-57292). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →