CSRF stands for Cross Site Request Forgery is a type of attack in which a malicious website, email, message or any other program causes users to perform unwanted actions on websites that they are visiting at the instant.
Popular PHP frameworks like Laravel have in-built function, called Laravel CSRF protection, which makes the applications highly secured against this attack.
The limitation of any CSRF attack depends upon the vulnerabilities exposed by the application, as it only targets those weaknesses of the application which are prone to the attack.
For example, business oriented login applications are highly vulnerable to the CSRF attack, which are used in various transactional activities.
The CSRF attack can affect your account, changing login credentials, that you use on any ecommerce platform to buy products.