Weaknesses of type CWE-352

5,720 results
CVE-2025-24568MEDIUMWordPress Starter Templates plugin <= 4.4.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-12554MEDIUMPeter’s Custom Anti-Spam <= 3.2.3 - Cross-Site Request Forgery via cas_register_post FunctionEPSS 0.2%CVE-2024-41795MEDIUMA vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices is vulnerable EPSS 0.2%CVE-2024-28429MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/archives_do.phpEPSS 0.2%CVE-2025-27910HIGHtianti v2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /user/ajax/upd/status. This vulnerability allowsEPSS 0.2%CVE-2025-24696MEDIUMWordPress Gutenberg Blocks and Page Layouts Plugin <= 1.9.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32547HIGHWordPress All push notification for WP Plugin <= 1.5.3 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2025-7690MEDIUMAffiliate Plus <= 1.3.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2023-50886MEDIUMWordPress Legal Pages plugin <= 1.3.7 - CSRF + Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-52451HIGHWordPress Post Ideas plugin <= 2 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2024-4100MEDIUMPricing Table <= 2.0.1 - Cross-Site Request Forgery via ajax()EPSS 0.2%CVE-2025-27012HIGHWordPress A1POST.BG Shipping for Woo plugin <= 1.5 - CSRF to Privilege Escalation vulnerabilityEPSS 0.2%CVE-2024-39155MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mudi=add.EPSS 0.2%CVE-2026-12158HIGHRegistrationMagic <= 6.0.9.1 - Cross-Site Request Forgery to Privilege Escalation via 'rmc_assign_user_role_action' ParameterEPSS 0.2%CVE-2024-32105MEDIUMWordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-1906MEDIUMCategorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxAddCategoryEPSS 0.2%CVE-2024-32699MEDIUMWordPress YITH WooCommerce Compare plugin <= 2.37.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-41654MEDIUMWordPress authLdap Plugin <= 2.5.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-0669HIGHBOINC Server Cross-Site Request ForgeryEPSS 0.2%CVE-2023-45642MEDIUMWordPress Snap Pixel Plugin <= 1.5.7 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%