Weaknesses of type CWE-352

5,733 results
CVE-2024-5185HIGHData Poisoning in EmbedAIEPSS 0.2%CVE-2024-12541MEDIUMChative Live chat and Chatbot <= 1.1 - Cross-Site Request Forgery via add_chative_widget_action FunctionEPSS 0.2%CVE-2025-28887MEDIUMWordPress Plugins Last Updated Column plugin <= 0.1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-49629HIGHWordPress Endless Posts Navigation plugin <= 2.2.7 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-21550MEDIUMVulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications (component: WebEPSS 0.2%CVE-2025-27290MEDIUMWordPress Select Erima Zarinpal Donate Plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-1070MEDIUMAlex User Counter <= 6.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2025-28912MEDIUMWordPress Custom Dashboard Page plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-28881MEDIUMWordPress Mobile Themes plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23627HIGHWordPress Comment-Emailer plugin <= 1.0.5 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2024-38776HIGHWordPress WP GoToWebinar plugin <= 15.7 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2024-43339MEDIUMWordPress WordPress Webinar Plugin – WebinarPress plugin <= 1.33.20 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-28910MEDIUMWordPress WP Hide Admin Bar plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-48341LOWdingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=addShopEPSS 0.2%CVE-2025-27315MEDIUMWordPress All-In-One Cufon Plugin <= 1.3.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-6452MEDIUMBigfishgames Syndicate <= 1.2 - Cross-Site Request Forgery to Settings Reset and UpdateEPSS 0.2%CVE-2025-28941MEDIUMWordPress SPAM-BYBYE Plugin <= 2.2.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23617HIGHWordPress Floatbox Plus plugin <= 1.4.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-27317MEDIUMWordPress RAYS Grid Plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-22297MEDIUMWordPress AI WP Writer plugin <= 3.8.4.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%