Weaknesses of type CWE-352

5,721 results
CVE-2023-38579HIGHWestermo Lynx 206-F2G Cross-Site Request ForgeryEPSS 0.2%CVE-2024-31942MEDIUMWordPress Calendarista Basic Edition plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-32791MEDIUMCross-Site Request Forgery on NXLog ManagerEPSS 0.2%CVE-2024-50705HIGHUnauthenticated reflected cross-site scripting (XSS) vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute aEPSS 0.2%CVE-2020-37158HIGHAVideo Platform 8.1 - Cross Site Request Forgery (Password Reset)EPSS 0.2%CVE-2024-9778MEDIUMImagePress – Image Gallery <= 1.2.2 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.2%CVE-2024-51381HIGHCross-Site Request Forgery (CSRF) vulnerability in JATOS v3.9.3 that allows attackers to perform actions reserved for administrators, includEPSS 0.2%CVE-2023-2892MEDIUMWP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_bulk_delete_productEPSS 0.2%CVE-2023-32792MEDIUMCross-Site Request Forgery on NXLog ManagerEPSS 0.2%CVE-2023-25707MEDIUMWordPress VikBooking Hotel Booking Engine & PMS Plugin <= 1.5.12 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-5033MEDIUMXiaoBingby TeaCMS addUser cross-site request forgeryEPSS 0.2%CVE-2024-37227MEDIUMWordPress Newsletters plugin <= 4.9.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-32966MEDIUMWordPress Jazz Popups Plugin <= 1.8.7 is vulnerable to Cross Site Request Forgery (CSRF) leading to Stored XSSEPSS 0.2%CVE-2023-22700MEDIUMWordPress PixelYourSite – Your smart PIXEL (TAG) Manager Plugin <= 9.3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-24388MEDIUMWordPress Booking calendar, Appointment Booking System Plugin <= 3.2.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-23865MEDIUMWordPress Stripe Payments For WooCommerce by Checkout Plugin <= 1.4.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-47612MEDIUMWordPress Participants Database Plugin <= 2.4.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-43787MEDIUMHono CSRF middleware can be bypassed using crafted Content-Type headerEPSS 0.2%CVE-2024-29009MEDIUMCross-site request forgery (CSRF) vulnerability in easy-popup-show all versions allows a remote unauthenticated attacker to hijack the autheEPSS 0.2%CVE-2022-47179MEDIUMWordPress OWM Weather Plugin <= 5.6.11 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%