Weaknesses of type CWE-352

5,733 results
CVE-2026-40864MEDIUMJupyterHub: Cross-origin form POSTs bypass XSRFEPSS 0.2%CVE-2019-25693HIGHResourceSpace 8.6 SQL Injection via collection_edit.phpEPSS 0.2%CVE-2025-49381CRITICALWordPress ads.txt Guru Connect Plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-60156CRITICALWordPress AR For WordPress plugin <= 8.34 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-14800MEDIUMimhamzaazam ecommerceFlask cross-site request forgeryEPSS 0.2%CVE-2025-54052HIGHWordPress Realtyna Organic IDX plugin <= 5.0.0 - Local File Inclusion VulnerabilityEPSS 0.2%CVE-2026-0818MEDIUMCSS-based exfiltration of the content from partially encrypted emails when allowing remote contentEPSS 0.2%CVE-2025-49399HIGHWordPress NEX-Forms Plugin <= 9.1.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-58255CRITICALWordPress Custom Post Type Images Plugin <= 0.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-12572MEDIUMHello in All Languages <= 1.0.6 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2023-53961MEDIUMSOUND4 IMPACT/FIRST/PULSE/Eco v2.x Cross-Site Request ForgeryEPSS 0.2%CVE-2025-7668MEDIUMLinux Promotional Plugin <= 1.4 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-58013HIGHWordPress CouponXxL Theme <= 4.5.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2026-9582MEDIUMSourceCodester CET Automated Grading System with AI Predictive Analytics cross-site request forgeryEPSS 0.2%CVE-2025-59572HIGHWordPress WorkScout-Core Plugin < 1.7.06 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-23617HIGHWordPress Floatbox Plus plugin <= 1.4.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-6452MEDIUMBigfishgames Syndicate <= 1.2 - Cross-Site Request Forgery to Settings Reset and UpdateEPSS 0.2%CVE-2024-49629HIGHWordPress Endless Posts Navigation plugin <= 2.2.7 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-28912MEDIUMWordPress Custom Dashboard Page plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-28941MEDIUMWordPress SPAM-BYBYE Plugin <= 2.2.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%