Weaknesses of type CWE-352

5,717 results
CVE-2022-40198MEDIUMWordPress TeraWallet – For WooCommerce Plugin <= 1.3.24 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-24706MEDIUMWordPress WP-CFM Plugin <= 1.7.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-2951MEDIUMWordPress RegistrationMagic plugin <= 5.3.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-25106CRITICALWordPress Starter Templates by FancyWP plugin <= 2.0.0 - CSRF to Arbitrary Plugin Installation vulnerabilityEPSS 0.2%CVE-2025-20228MEDIUMMaintenance mode state change of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF) in Splunk EnterpriseEPSS 0.2%CVE-2023-6197MEDIUMAudio Merchant <= 5.0.4 - Cross-Site Request Forgery to Settings Modifcation and Stored Cross-Site ScriptingEPSS 0.2%CVE-2021-36855MEDIUMWordPress Booking Ultra Pro plugin <= 1.1.4 - Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-6476MEDIUMSourceCodester Gym Management System cross-site request forgeryEPSS 0.2%CVE-2024-54300MEDIUMWordPress AutoWP plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-25443MEDIUMWordPress Button Generator – easily Button Builder Plugin <= 2.3.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-34029MEDIUMWordPress Disable WordPress Update Notifications Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-12220MEDIUMSMS for WooCommerce <= 2.8.1 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2025-7133MEDIUMCodeAstro Online Movie Ticket Booking System cross-site request forgeryEPSS 0.2%CVE-2023-7203MEDIUMSmart Forms < 2.6.87 - Subscriber+ Arbitrary Entry DeletionEPSS 0.2%CVE-2024-35555MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=neEPSS 0.2%CVE-2022-42880MEDIUMWordPress Auto Upload Images Plugin <= 3.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-44236MEDIUMWordPress WP Captcha Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-44475MEDIUMWordPress Add Shortcodes Actions And Filters Plugin <= 2.0.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-52149MEDIUMWordPress Floating Button Plugin <= 6.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-32101MEDIUMWordPress Email Marketing for WooCommerce plugin <= 1.14.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%