Weaknesses of type CWE-352
5,725 resultsCVE-2025-20195MEDIUMA vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a EPSS 0.2%CVE-2025-6670HIGHCross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin ServicesEPSS 0.2%CVE-2025-23508HIGHWordPress Extra Options – Favicons plugin <= 1.1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-5185MEDIUMSummer Pearl Group Vacation Rental Management Platform cross-site request forgeryEPSS 0.2%CVE-2024-48031MEDIUMWordPress Featured Posts with Multiple Custom Groups (FPMCG) plugin <= 4.0 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23560HIGHWordPress Web Testimonials plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-29773HIGHWordPress BizPrint plugin <= 4.5.5 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2025-23533HIGHWordPress WP Lyrics plugin <= 0.4.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-31093HIGHWordPress Broken Images plugin <= 0.2 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2024-51156MEDIUM07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component 'erp.07fly.net:80/admin/SysNotifyUser/del.htEPSS 0.2%CVE-2025-23435HIGHWordPress Password Protect Plugin for WordPress plugin <= 0.8.1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23497HIGHWordPress Simple Project Manager plugin <= 1.2.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-37412MEDIUMWordPress Blossom Shop theme <= 1.1.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23557HIGHWordPress Find Your Reps plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2021-40335MEDIUMCross Site Request Forgery (CSRF) in Hitachi Energy’s MSM ProductEPSS 0.2%CVE-2024-49250MEDIUMWordPress Table of Contents Plus plugin <= 2408 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2015-20117MEDIUMRealtyScript 4.0.2 Cross-Site Request Forgery Unauthorized User CreationEPSS 0.2%CVE-2025-23801HIGHWordPress Style Admin Plugin <= 1.4.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23513HIGHWordPress Bible Embed plugin <= 0.0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-23793HIGHWordPress Auto FTP plugin <= 1.0.1 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%