Weaknesses of type CWE-352

5,723 results
CVE-2024-10819HIGHCSRF to XSS in binary-husky/gpt_academicEPSS 0.2%CVE-2024-39163HIGHbinux pyspider up to v0.3.10 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Flask endpoints.EPSS 0.2%CVE-2025-50902HIGHCross Site Request Forgery (CSRF) vulnerability in old-peanut Open-Shop (aka old-peanut/wechat_applet__open_source) thru 1.0.0 allows attackEPSS 0.2%CVE-2023-52122MEDIUMWordPress Simple Job Board Plugin <= 2.10.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-54306MEDIUMWordPress AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot plugin <= 1.6.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-52128MEDIUMWordPress White Label Plugin <= 2.9.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-52119MEDIUMWordPress Icegram Plugin <= 3.1.18 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-51538MEDIUMWordPress Awesome Support Plugin <= 6.1.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-44260MEDIUMWordPress Woocommerce ESTO Plugin <= 2.23.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-0393MEDIUMRoyal Elementor Addons and Templates <= 1.7.1006 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2024-35773HIGHWordPress Comment Reply Email plugin <= 1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-39153MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/info_deal.php?mudi=del&dataType=news&datEPSS 0.2%CVE-2023-51354MEDIUMWordPress Webba Booking Plugin <= 4.5.33 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-40332MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/moneyRecord_deal.php?mudi=delRecordEPSS 0.2%CVE-2024-4204MEDIUMBulk Posts Editing For WordPress <= 4.2.3 - Cross-Site Request ForgeryEPSS 0.2%CVE-2026-1468MEDIUMCross-Site Request Forgery in QuickCMSEPSS 0.2%CVE-2024-3945MEDIUMWP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_manage()EPSS 0.2%CVE-2025-68481MEDIUMFastAPI Users Vulnerable to 1-click Account Takeover in Apps Using FastAPI SSOEPSS 0.2%CVE-2023-5602MEDIUMSocial Media Share Buttons & Social Sharing Icons <= 2.8.5 - Cross-Site Request ForgeryEPSS 0.2%CVE-2023-51402MEDIUMWordPress Ultimate Addons for WPBakery Page Builder Plugin <= 3.19.17 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%