Weaknesses of type CWE-352

5,724 results
CVE-2025-8739MEDIUMzhenfeng13 My-Blog save cross-site request forgeryEPSS 0.2%CVE-2024-32449MEDIUMWordPress RestroPress plugin <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-56140MEDIUMBypass of CSRF Middleware in AstroEPSS 0.2%CVE-2025-49462LOWZoom Clients - Cross-site ScriptingEPSS 0.2%CVE-2024-1361MEDIUMColibri Page Builder <= 1.0.253 - Cross-Site Request Fogery via extend_builderEPSS 0.2%CVE-2025-31005MEDIUMWordPress Easyfonts plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-30783HIGHWordPress WP Google Review Slider plugin <= 16.0 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2024-30468MEDIUMWordPress All-In-One Security (AIOS) – Security and Firewall plugin <= 5.2.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32450MEDIUMWordPress WpTravelly plugin <= 1.6.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-46600MEDIUMdingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/doAdminAction.php?act=delCate&id=31EPSS 0.2%CVE-2024-30455MEDIUMWordPress GamiPress plugin <= 6.8.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2018-25310MEDIUMVideoFlow Digital Video Protection DVP 2.10 - Authenticated Remote Code ExecutionEPSS 0.2%CVE-2024-32084MEDIUMWordPress Before And After plugin <= 3.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-42056MEDIUMRetool (self-hosted enterprise) through 3.40.0 inserts resource authentication credentials into sent data. Credentials for users with "Use" EPSS 0.2%CVE-2024-38790MEDIUMWordPress Smartsupp plugin <= 3.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-10521MEDIUMWordPress Contact Forms by Cimatti <= 1.9.2 - Cross-Site Request Forgery via process_bulk_action FunctionEPSS 0.2%CVE-2024-32095MEDIUMWordPress MultiParcels Shipping For WooCommerce plugin < 1.16.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32451MEDIUMWordPress Legal Pages plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-47315MEDIUMWordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 3.15.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-0660MEDIUMFormidable Forms <= 6.7.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%