Weaknesses of type CWE-352

5,715 results
CVE-2026-34394HIGHAVideo: CSRF on Admin Plugin Configuration Enables Payment Credential HijackingEPSS 0.2%CVE-2026-5572MEDIUMTechnostrobe HI-LED-WR120-G2 cross-site request forgeryEPSS 0.2%CVE-2023-32792MEDIUMCross-Site Request Forgery on NXLog ManagerEPSS 0.2%CVE-2024-51381HIGHCross-Site Request Forgery (CSRF) vulnerability in JATOS v3.9.3 that allows attackers to perform actions reserved for administrators, includEPSS 0.2%CVE-2024-32693HIGHWordPress Automatic plugin < 3.93.0 - Multiple Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-51382HIGHCross-Site Request Forgery (CSRF) vulnerability in JATOS v3.9.3 allows an attacker to reset the administrator's password. This critical secuEPSS 0.2%CVE-2024-6841MEDIUMCSRF in vanna-ai/vannaEPSS 0.2%CVE-2023-6251LOWCSRF in delete_user_messageEPSS 0.2%CVE-2023-38579HIGHWestermo Lynx 206-F2G Cross-Site Request ForgeryEPSS 0.2%CVE-2024-0827MEDIUMPlay.ht – Make Your Blog Posts Accessible With Text to Speech Audio <= 3.6.4 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-31942MEDIUMWordPress Calendarista Basic Edition plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-32791MEDIUMCross-Site Request Forgery on NXLog ManagerEPSS 0.2%CVE-2024-50705HIGHUnauthenticated reflected cross-site scripting (XSS) vulnerability in Uniguest Tripleplay before 24.2.1 allows remote attackers to execute aEPSS 0.2%CVE-2020-37158HIGHAVideo Platform 8.1 - Cross Site Request Forgery (Password Reset)EPSS 0.2%CVE-2024-9778MEDIUMImagePress – Image Gallery <= 1.2.2 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.2%CVE-2023-2892MEDIUMWP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_bulk_delete_productEPSS 0.2%CVE-2023-25707MEDIUMWordPress VikBooking Hotel Booking Engine & PMS Plugin <= 1.5.12 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-23865MEDIUMWordPress Stripe Payments For WooCommerce by Checkout Plugin <= 1.4.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-29009MEDIUMCross-site request forgery (CSRF) vulnerability in easy-popup-show all versions allows a remote unauthenticated attacker to hijack the autheEPSS 0.2%CVE-2023-32966MEDIUMWordPress Jazz Popups Plugin <= 1.8.7 is vulnerable to Cross Site Request Forgery (CSRF) leading to Stored XSSEPSS 0.2%