Weaknesses of type CWE-352

5,740 results
CVE-2025-24897HIGHMisskey CSRF vulnerability due to insecure configuration of authentication cookie attributesEPSS 0.1%CVE-2025-49967MEDIUMWordPress Live Sports Streamthunder plugin <= 2.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-43296MEDIUMA logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26. An app may bypass Gatekeeper checks.EPSS 0.1%CVE-2025-53197MEDIUMWordPress Cookiebot plugin <= 4.5.8 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-31915MEDIUMWordPress Pixel Form BuilderPlugin & Autoresponder plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-9945MEDIUMOptimize More! – CSS <= 1.0.3 - Cross-Site Request Forgery to Plugin Settings ResetEPSS 0.1%CVE-2025-49968MEDIUMWordPress XML Travel Portal Widget plugin <= 2.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-22634MEDIUMWordPress Easy Booked Plugin <= 2.4.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-7047MEDIUMFrontend User Notes <= 2.1.1 - Cross-Site Request Forgery to Note Content Modification via 'confirmEdit' ActionEPSS 0.1%CVE-2025-14906MEDIUMWP Youtube Video Gallery <= 1.0 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2025-14845MEDIUMNS IE Compatibility Fixer <= 2.1.5 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2025-53270MEDIUMWordPress CTA plugin <= 1.7.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-9730MEDIUMRemove NoFollow Commenter URL <= 1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-27355HIGHWordPress Woocommerce – Loi Hamon Plugin <= 1.1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-48497MEDIUMCross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If a user accesses a specially crafted URL whiEPSS 0.1%CVE-2026-39436HIGHWordPress CformsII plugin <= 15.1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-22658HIGHWordPress Listings for Appfolio plugin <= 1.2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-48363MEDIUMWordPress Popup for CF7 with Sweet Alert plugin <= 1.6.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-58236MEDIUMWordPress Force Update Translations plugin <= 0.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-60117MEDIUMWordPress Vehica Core Plugin <= 1.0.100 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%