Weaknesses of type CWE-352

5,740 results
CVE-2024-13512MEDIUMWonder FontAwesome <= 0.8 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2024-13293LOWPOST File - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-059EPSS 0.1%CVE-2026-35181MEDIUMWWBN AVideo Affected by CSRF on Player Skin Configuration via admin/playerUpdate.json.phpEPSS 0.1%CVE-2024-56017HIGHWordPress Stop Registration Spam Plugin <= 1.23 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-48483MEDIUMFreeScout Stored XSS leads to CSRFEPSS 0.1%CVE-2018-25170HIGHDoceboLMS 1.2 SQL Injection via lesson.phpEPSS 0.1%CVE-2024-13521MEDIUMMailUp Auto Subscription <= 1.1.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-13144MEDIUMContentStudio <= 1.3.7 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-31439MEDIUMWordPress Browser Caching with .htaccess 1.2.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-14165MEDIUMKirim.Email WooCommerce Integration <= 1.2.9 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-4337MEDIUMAHAthat Plugin <= 1.6 - Cross-Site Request Forgery to AHA Page DeletionEPSS 0.1%CVE-2025-59428MEDIUMEspoCRM allows arbitrary user creation via stored SVG injection and CSRFEPSS 0.1%CVE-2025-5925MEDIUMBunny’s Print CSS <= 0.95 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-31413MEDIUMWordPress Element Pack Elementor Addons plugin <= 8.3.13 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-11886MEDIUMCTL Arcade Lite <= 1.0 - Cross-Site Request Forgery to Plugin Activation and DeactivationEPSS 0.1%CVE-2026-22359MEDIUMWordPress Wordpress Movies Bulk Importer plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-5933MEDIUMRD Contacto <= 1.4 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-34383MEDIUMAdmidio: CSRF and Form Validation Bypass in Inventory Item Save via `imported` ParameterEPSS 0.1%CVE-2026-24542MEDIUMWordPress WP Term Order plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-14163MEDIUMPremium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template'EPSS 0.1%