Weaknesses of type CWE-352

5,733 results
CVE-2025-49382HIGHWordPress JobZilla - Job Board WordPress Theme Theme <= 2.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-30588HIGHWordPress Map Contact plugin <= 3.0.4 - CSRF to Stored XSS VulnerabilityEPSS 0.2%CVE-2025-30586HIGHWordPress cTabs plugin <= 1.3 - CSRF to Stored XSS VulnerabilityEPSS 0.2%CVE-2024-20940MEDIUMVulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Create, Update, Authoring Flow). Supported EPSS 0.2%CVE-2025-30572HIGHWordPress Simple Rating plugin <= 1.4 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-43930MEDIUMWordPress JobSearch WP Job Board WordPress Plugin plugin <= 2.5.3 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-6405MEDIUMFloating Social Buttons <= 1.5 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-9213HIGHTextBuilder 1.0.0 - 1.1.1 - Cross-Site Request Forgery to Privilege Escalation via Account TakeoverEPSS 0.2%CVE-2025-20321MEDIUMMembership State Change in Splunk Search Head Cluster through a Cross-Site Request Forgery (CSRF) in Splunk EnterpriseEPSS 0.2%CVE-2025-30587HIGHWordPress LH OGP Meta plugin <= 1.73 - CSRF to Stored XSS VulnerabilityEPSS 0.2%CVE-2024-49340MEDIUMIBM Watson Studio Local cross-site request forgeryEPSS 0.2%CVE-2024-32538MEDIUMWordPress Easy CountDowner plugin <= 1.0.8 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2024-20942MEDIUMVulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: LOV). Supported versions tEPSS 0.2%CVE-2026-3772HIGHWP Editor <= 1.2.9.2 - Cross-Site Request Forgery to Remote Code Execution via Plugin and Theme File EditorEPSS 0.2%CVE-2024-20934MEDIUMVulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Supported versions thaEPSS 0.2%CVE-2026-7615MEDIUMWidget Context <= 1.3.3 - Cross-Site Request Forgery to Settings Update via 'wl' ParameterEPSS 0.2%CVE-2026-6405MEDIUMAnomify AI <= 0.3.6 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-30583HIGHWordPress Pro Rank Tracker plugin <= 1.0.0 - CSRF to Stored XSS VulnerabilityEPSS 0.2%CVE-2025-30577HIGHWordPress Browser Address Bar Color plugin <= 3.3 - Cross Site Request Forgery (CSRF) to Stored XSS VulnerabilityEPSS 0.2%CVE-2025-26899MEDIUMWordPress Recapture for WooCommerce Plugin <= 1.0.43 - CSRF to Settings Change vulnerabilityEPSS 0.2%