Weaknesses of type CWE-352

5,733 results
CVE-2025-2168MEDIUMUltimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 2.4.1 - Cross-Site Request Forgery to Limited User Meta UpdateEPSS 0.2%CVE-2026-13963LOWInappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage inEPSS 0.2%CVE-2024-39744MEDIUMIBM Sterling Connect:Direct Web Services cross-site request forgeryEPSS 0.2%CVE-2024-8319MEDIUMTourfic <= 2.11.20 - Cross-Site Request Forgery in Multiple FunctionsEPSS 0.2%CVE-2024-38731MEDIUMWordPress i-amaze theme <= 1.3.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-27146HIGHGetSimple CMS: Cross-Site Request Forgery (CSRF) in File Upload Allows Arbitrary UploadsEPSS 0.2%CVE-2024-38764MEDIUMWordPress i-transform theme <= 3.0.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-6391MEDIUMSentence To SEO (keywords, description and tags) <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via Settings Page ParametersEPSS 0.2%CVE-2025-62992MEDIUMWordPress Everest Backup plugin <= 2.3.11 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-43336MEDIUMWordPress WP User Manager – User Profile Builder & Membership plugin <= 2.9.10 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-54357MEDIUMWordPress Avada theme <= 7.11.10 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2019-25233MEDIUMAVE DOMINAplus 1.10.x Cross-Site Request Forgery and XSS VulnerabilitiesEPSS 0.2%CVE-2025-32678MEDIUMWordPress WP Show Stats plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-53751MEDIUMWordPress Build App Online plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-13944LOWInappropriate implementation in DataTransfer in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user tEPSS 0.2%CVE-2024-56251MEDIUMWordPress Event Espresso plugin <= 5.0.28.decaf - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32482HIGHWordPress Custom Smilies plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-32617HIGHWordPress Multiple Location Google Map plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-32556HIGHWordPress Simple Post Meta Manager Plugin <= 1.0.9 - CSRF to Reflected Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2025-32559HIGHWordPress REVE Chat plugin <= 6.4.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%