Weaknesses of type CWE-352

5,738 results
CVE-2025-32278MEDIUMWordPress Table Block by RioVizual plugin <= 2.3.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-33372MEDIUMAn issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A cross-site request forgery (CSRF) vulnerability exists in Zimbra WebmEPSS 0.1%CVE-2025-63717MEDIUMThe change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet Grooming Management Software 1.0 is vulnerablEPSS 0.1%CVE-2025-23989HIGHWordPress Internal Link Builder plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-63710MEDIUMThe send_message.php endpoint in SourceCodester Simple Public Chat Room 1.0 is vulnerable to Cross-Site Request Forgery (CSRF). The applicatEPSS 0.1%CVE-2026-30807HIGHCross-Site Request Forgery on Extension PagesEPSS 0.1%CVE-2025-24001HIGHWordPress PPO Call To Actions plugin <= 0.1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2022-44630MEDIUMWordPress YITH WooCommerce Product Slider Carousel plugin <= 1.16.0 - Cross-Site Request Forgery (CSRF)EPSS 0.1%CVE-2025-8606LOWGSheetConnector For Gravity Forms <= 1.3.23 - Cross-Site Request Forgery to Arbitrary Plugin Activation/DeactivationEPSS 0.1%CVE-2025-24699HIGHWordPress WP Coder Plugin <= 3.6 - CSRF to Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-70899MEDIUMPHPgurukul Online Course Registration v3.1 lacks Cross-Site Request Forgery (CSRF) protection on all administrative forms. An attacker can pEPSS 0.1%CVE-2025-22768HIGHWordPress Rocket Media Library Mime Type plugin <= 2.1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2023-30759HIGHThe driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an uEPSS 0.1%CVE-2026-28201HIGHSurrealDB Injection on Open NotebookEPSS 0.1%CVE-2025-25168HIGHWordPress BookPress – For Book Authors Plugin <= 1.2.7 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-30968MEDIUMWordPress Advanced Post List plugin <= 0.5.6.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-53329HIGHWordPress Społecznościowa 6 PL 2013 plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-30632MEDIUMWordPress Global Translator plugin <= 2.0.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-57977HIGHWordPress Flexible PDF Invoices for WooCommerce & WordPress Plugin <= 6.0.13 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-23990HIGHWordPress Scroll Styler plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%