Weaknesses of type CWE-352

5,733 results
CVE-2025-32482HIGHWordPress Custom Smilies plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-70062MEDIUMPHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the 'Add Doctor' module. The applicEPSS 0.2%CVE-2025-32500HIGHWordPress Codescar Radio Widget plugin <= 0.4.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-0801MEDIUMRateMyAgent Official <= 1.4.0 - Cross-Site Request Forgery to API Key UpdateEPSS 0.2%CVE-2024-35632MEDIUMWordPress Integration for Constant Contact and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-22300MEDIUMWordPress PixelYourSite plugin <= 10.0.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-43269MEDIUMWordPress Backup and Restore WordPress plugin <= 1.50 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-48518MEDIUMMultiJuicer: Login CSRF allows attacker to force victims into their teamEPSS 0.2%CVE-2024-35636MEDIUMWordPress Uploadcare File Uploader and Adaptive Delivery plugin <= 3.0.11 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-22301MEDIUMWordPress MyBookTable Bookstore by Stormhill Media plugin <= 3.5.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-43947MEDIUMWordPress WP Armour Extended plugin <= 1.26 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-43340MEDIUMWordPress AFI – The Easiest Integration Plugin plugin <= 1.89.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-47845MEDIUMWordPress Grab & Save plugin <= 1.0.4 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-43337MEDIUMWordPress Brave plugin <= 0.7.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-43316MEDIUMWordPress Stripe Payments For WooCommerce plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-53897MEDIUMKiteworks MFT has a Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-43295MEDIUMWordPress WP Data Access plugin <= 5.5.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-33649HIGHAVideo's GET-Based CSRF in setPermission.json.php Enables Privilege Escalation via Arbitrary Permission ModificationEPSS 0.2%CVE-2026-12740HIGHPlack::Middleware::OAuth versions through 0.10 for Perl do not support the OAuth 2.0 state parameterEPSS 0.2%CVE-2024-35638MEDIUMWordPress ActiveDEMAND plugin <= 0.2.43 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%