Weaknesses of type CWE-352

5,735 results
CVE-2025-30612HIGHWordPress Replace Default Words plugin <= 1.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-59110MEDIUMCross-Site Request Forgery in Windu CMSEPSS 0.2%CVE-2024-10581MEDIUMDirectoryPress Frontend <= 2.7.9 - Cross-Site Request Forgery to Listing Status UpdateEPSS 0.2%CVE-2025-30621HIGHWordPress Translator plugin <= 0.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-48037MEDIUMWordPress Contact Form Widget plugin <= 1.4.2 - CSRF vulnerabilityEPSS 0.2%CVE-2024-13494MEDIUMWordPress File Upload <= 4.25.2 - Cross-Site Request Forgery in wfu_file_detailsEPSS 0.2%CVE-2024-13718MEDIUMFlexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later <= 1.2.26 - Cross-Site Request Forgery to Wishlist Creation/ModificationEPSS 0.2%CVE-2025-32263MEDIUMWordPress Sequential Order Numbers for WooCommerce plugin <= 3.6.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-13336MEDIUMDisable Auto Updates <= 1.4 - Cross-Site Request Forgery to Auto-update DisableEPSS 0.2%CVE-2025-39453MEDIUMWordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.9.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2026-4527MEDIUMCross-Site Request Forgery (CSRF) in GitLabEPSS 0.2%CVE-2025-39443MEDIUMWordPress Verge3D plugin <= 4.9.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-4088MEDIUMCross-site request forgery via storage access API redirectsEPSS 0.2%CVE-2024-12115MEDIUMPoll Maker <= 5.5.4 - Cross-Site Request Forgery to Poll DuplicationEPSS 0.2%CVE-2025-26903MEDIUMWordPress InPost Gallery plugin <= 2.1.4.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-49313HIGHWordPress VKontakte Wall Post plugin <= 2.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-39425MEDIUMWordPress Style Manager plugin <= 2.2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2025-39426MEDIUMWordPress illow – Cookies Consent plugin <= 0.2.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-3635LOWMoodle: csrf risk in moodle user tours manager allows tour duplicationEPSS 0.2%CVE-2026-59713HIGHLeantime - OIDC Login CSRF via Unconditional State Verification StubEPSS 0.2%