Weaknesses of type CWE-352

5,730 results
CVE-2024-49274MEDIUMWordPress VOD Infomaniak plugin <= 1.5.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-30805MEDIUMWordPress Flexible Cookies plugin <= 1.1.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-47634MEDIUMWordPress CartBounty plugin <= 8.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-25905MEDIUMWordPress Multi Step Form Plugin <= 1.7.18 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-12291MEDIUMViewMedica 9 <= 1.4.17 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2026-31016MEDIUMCross Site Request Forgery vulnerability in Squidex.io Squidex CMS v.7.21.0 and before allows a remote attacker to escalate privileges via tEPSS 0.2%CVE-2025-30568MEDIUMWordPress Super Static Cache plugin <= 3.3.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2023-45374An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.EPSS 0.2%CVE-2024-4541MEDIUMCustom Product List Table <= 3.0.0 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-33646HIGHWordPress Sticky Anything plugin <= 2.1.5 - Broken Access Control to XSS vulnerabilityEPSS 0.2%CVE-2024-39657MEDIUMWordPress Sender plugin <= 2.6.18 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-39021MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApiData_deal.php?mudi=delEPSS 0.2%CVE-2026-44364CRITICALmisp-modules website - Missing CSRF protection in the website home blueprintEPSS 0.2%CVE-2024-7422MEDIUMTheme My Login <= 7.1.7 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2024-35561MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=add&nohrefStr=close.EPSS 0.2%CVE-2024-2368MEDIUMMollie Forms <= 2.6.13 - Cross-Site Request Forgery to Arbitrary Post DuplicationEPSS 0.2%CVE-2024-39641MEDIUMWordPress LearnPress plugin <= 4.2.6.8.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-12218MEDIUMWoocommerce check pincode/zipcode for shipping <= 2.0.4 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2024-21044MEDIUMVulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versioEPSS 0.2%CVE-2024-21202MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions thEPSS 0.2%