Weaknesses of type CWE-352

5,720 results
CVE-2024-51653HIGHWordPress UPDATE NOTIFICATIONS plugin <= 0.3.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-54139HIGHCombodo iTop vulnerable to XSS leading to CSRF breach on _table_id parameterEPSS 0.2%CVE-2023-52555MEDIUMIn mongo-express 1.0.2, /admin allows CSRF, as demonstrated by deletion of a Collection.EPSS 0.2%CVE-2025-64136MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Themis Plugin 1.4.1 and earlier allows attackers to connect to an attacker-specEPSS 0.2%CVE-2024-51642HIGHWordPress Seo Free plugin <= 1.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-51654HIGHWordPress APK Downloader plugin <= 1.0.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-13933HIGHFoodBakery | Delivery Restaurant Directory WordPress Theme <= 4.7 - Cross-Site Request Forgery in Multiple FunctionsEPSS 0.2%CVE-2024-54418MEDIUMWordPress DTC Documents plugin <= 1.1.05 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-2416MEDIUMCross-Site Request Forgery vulnerability in Movistar 4G routerEPSS 0.2%CVE-2024-51645HIGHWordPress ThemeFuse Maintenance Mode plugin <= 1.1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-51657HIGHWordPress SmartLink Dynamic URLs plugin <= 1.1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-52841HIGHLaundry 2.3.0 - Account Takeover via CSRFEPSS 0.2%CVE-2024-51644HIGHWordPress Addressbook plugin <= 1.1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-22438LOWHPE OfficeConnect 1820 Network switches, Cross-Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-51648HIGHWordPress e-shops plugin 1.0.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-51656HIGHWordPress Flash Show And Hide Box plugin <= 1.6 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-51643HIGHWordPress Amazon Associate Filter plugin <= 0.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37306HIGHCVAT's export and backup-related API endpoints are susceptible to CSRFEPSS 0.2%CVE-2024-51641HIGHWordPress Advanced PDF Generator plugin <= 0.4.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-51649HIGHWordPress Mobilize plugin <= 3.0.7 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%