Weaknesses of type CWE-352

5,719 results
CVE-2024-28667MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/templets_one_edit.phpEPSS 0.2%CVE-2024-32092MEDIUMWordPress Kimili Flash Embed plugin <= 2.5.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32452MEDIUMWordPress Shopping Cart & eCommerce Store plugin <= 5.5.19 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-30521MEDIUMWordPress Landingi Landing Pages plugin <= 3.1.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32093MEDIUMWordPress Novelist plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32103MEDIUMWordPress Siteimprove plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31941MEDIUMWordPress CP Media Player plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32446MEDIUMWordPress Wallet System for WooCommerce plugin <= 2.5.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32097MEDIUMWordPress GEO my WordPress plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-4118MEDIUMCall To Action Plugin <= 3.1.3 - Cross-Site Request Forgery via Settings UpdateEPSS 0.2%CVE-2023-45048MEDIUMWordPress Social proof testimonials and reviews by Repuso Plugin <= 5.00 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-27448MEDIUMWordPress MakeStories (for Google Web Stories) Plugin <= 2.8.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45645MEDIUMWordPress WP Open Street Map Plugin <= 1.25 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-42609HIGHPligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=avatarsEPSS 0.2%CVE-2023-27433MEDIUMWordPress Make Paths Relative Plugin <= 1.3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-47516HIGHWordPress Category Post List Widget Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)EPSS 0.2%CVE-2023-45060MEDIUMWordPress Interactive World Map Plugin <= 3.2.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-24698MEDIUMWordPress Essential Real Estate plugin <= 5.1.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-45102MEDIUMWordPress Blog Manager Light Plugin <= 1.20 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-3055MEDIUMPage Builder by AZEXO <= 1.27.133 - Cross-Site Request Forgery to Stored Cross-Site Scripting via azh_saveEPSS 0.2%