Weaknesses of type CWE-352

5,733 results
CVE-2026-6777MEDIUMOther issue in the Networking: DNS componentEPSS 0.2%CVE-2024-48278MEDIUMPhpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery (CSRF) via /edit-profile.phpEPSS 0.2%CVE-2024-51630HIGHWordPress Responsive Flickr Gallery plugin <= 1.3.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-4401MEDIUMDownload Monitor <= 5.1.10 - Cross-Site Request Forgery to Download Path Deletion and DisablingEPSS 0.2%CVE-2025-1435MEDIUMbbPress <= 2.6.11 - Cross-Site Request Forgery to Limited Privilege EscalationEPSS 0.2%CVE-2025-3153MEDIUMConcrete CMS version 9 below 9.4.0RC2 and versions below 8.5.20 - CSRF and XSS in Concrete CMS Custom Address attributeEPSS 0.2%CVE-2025-48921HIGHOpen Social - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-079EPSS 0.2%CVE-2024-7501MEDIUMDownload Plugins and Themes from Dashboard <= 1.8.7 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-25056MEDIUMCross-site request forgery vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If a user views a malicious page while logged in, uniEPSS 0.2%CVE-2024-9661MEDIUMWP All Import Pro <= 4.9.7 - Cross-Site Request Forgery to Imported Content DeletionEPSS 0.2%CVE-2025-13871LOWThe feature to manage resources is prone to Cross-Site Request Forgery attacksEPSS 0.2%CVE-2024-54205HIGHWordPress Paloma Widget plugin <= 1.14 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-49511HIGHWordPress Civi Framework plugin <= 2.1.6 - Cross Site Request Forgery (CSRF) to User Deactivation vulnerabilityEPSS 0.2%CVE-2025-46439HIGHWordPress Plugin Central plugin <= 2.5.1 - CSRF to Arbitrary File Deletion vulnerabilityEPSS 0.2%CVE-2026-11214MEDIUMInappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-originEPSS 0.2%CVE-2023-50900MEDIUMWordPress Master Slider plugin <= 3.9.10 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-26902MEDIUMWordPress Brizy Pro plugin <= 2.6.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23806HIGHWordPress Ultimate Subscribe Plugin <=1.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-47624MEDIUMWordPress DoFollow Case by Case plugin <= 3.5.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-48255MEDIUMWordPress Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP plugin <= 6.2.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%