Weaknesses of type CWE-352

5,733 results
CVE-2025-62258HIGHCSRF vulnerability in Headless API in Liferay Portal 7.4.0 through 7.4.3.107, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through upEPSS 0.2%CVE-2025-36375MEDIUMIBM DataPower Gateway vulnerable to CSRFEPSS 0.2%CVE-2025-22690HIGHWordPress DigiTimber cPanel Integration plugin <= 1.4.6 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-22688HIGHWordPress Unlimited Page Sidebars plugin <= 0.2.6 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-13304MEDIUMMinify JS - Moderately critical - Cross site request forgery - SA-CONTRIB-2024-070EPSS 0.2%CVE-2025-22685HIGHWordPress Tags to Keywords plugin <= 1.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-53722HIGHWordPress Favicon My Blog plugin <= 1.0.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-53724HIGHWordPress IceStats plugin <= 1.3 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-53725HIGHWordPress Post Hits Counter plugin <= 2.8.23 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-40926HIGHWWBN AVideo Vulnerable to CSRF in Admin JSON Endpoints (Category CRUD, Plugin Update Script)EPSS 0.2%CVE-2024-53726HIGHWordPress RealtyCandy IDX Broker Extended plugin <= 1.5.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-53734HIGHWordPress Idealien Category Enhancements plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-6751MEDIUMSocial Auto Poster <= 5.3.14 - Cross-Site Request Forgery via Multiple FunctionsEPSS 0.2%CVE-2024-56229MEDIUMWordPress SearchIQ plugin <= 4.6 - Cross-Site Requst Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-49672HIGHWordPress Google Docs RSVP plugin <= 2.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-53727HIGHWordPress LinkLaunder SEO plugin <= 0.92.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-28954HIGHWordPress Backwp plugin <= 2.0.2 - CSRF to Arbitrary File Deletion vulnerabilityEPSS 0.2%CVE-2024-37426MEDIUMWordPress Elegant Pink theme 1.3.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-53720HIGHWordPress WP-ISPConfig 3 plugin <= 1.5.6 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-50036MEDIUMWordPress Mailing Group Listserv plugin <= 3.0.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%