Weaknesses of type CWE-352

5,733 results
CVE-2025-1382MEDIUMContact Us By Lord Linus <= 2.6 - Admin+ Stored XSS via CSRFEPSS 0.2%CVE-2025-47462HIGHWordPress Challan plugin <= 3.7.58 - CSRF to Privilege Escalation vulnerabilityEPSS 0.2%CVE-2026-4139MEDIUMmCatFilter <= 0.5.2 - Cross-Site Request Forgery via compute_post() FunctionEPSS 0.2%CVE-2025-22731MEDIUMWordPress Build Private Store For Woocommerce plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-40458HIGHCross-Site Request Forgery in PAC4JEPSS 0.2%CVE-2026-40174HIGHMasa CMS CSRF in user address management allows unauthorized address changesEPSS 0.2%CVE-2024-56474MEDIUMIBM TXSeries for Multiplatforms cross-site request forgeryEPSS 0.2%CVE-2021-47702MEDIUMOpenBMCS Cross Site Request Forgery (CSRF) via sendFeedback.phpEPSS 0.2%CVE-2024-38778MEDIUMWordPress WP Fast Total Search <= 1.69.234 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-36576LOWDell Wyse Management Suite, versions prior to WMS 5.2, contain a Cross-Site Request Forgery (CSRF) vulnerability. A high privileged attackerEPSS 0.2%CVE-2024-12206MEDIUMWordpress Header Builder Plugin <= 1.3.8 - Cross-Site Request Forgery to Header DeletionEPSS 0.2%CVE-2025-22703HIGHWordPress Forge – Front-End Page Builder plugin <= 1.4.6 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-4070MEDIUMAlfie <= 1.2.1 - Cross-Site Request Forgery to Feed Deletion via 'delete' ParameterEPSS 0.2%CVE-2024-57160MEDIUM07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaTask/edit.html.EPSS 0.2%CVE-2024-47635MEDIUMWordPress TinyPNG plugin <= 3.4.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2018-25337MEDIUMJoomla JoomOCShop 1.0 Cross-Site Request ForgeryEPSS 0.2%CVE-2025-30919HIGHWordPress Store Locator Widget plugin <= 2025r2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-49304MEDIUMWordPress Pinpoint Booking System plugin <= 2.9.9.5.7 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-57161MEDIUM07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/edit.htmlEPSS 0.2%CVE-2025-26211LOWGibbon before 29.0.00 allows CSRF.EPSS 0.2%