Weaknesses of type CWE-352

5,724 results
CVE-2025-23430HIGHWordPress Mass Custom Fields Manager plugin <= 1.5 - CSRF to Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-23558HIGHWordPress Geotagged Media plugin <= 0.3.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-48031MEDIUMWordPress Featured Posts with Multiple Custom Groups (FPMCG) plugin <= 4.0 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-50466MEDIUMWordPress DarkMySite – Advanced Dark Mode Plugin for WordPress plugin <= 1.2.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23510HIGHWordPress WordPress Logging Service plugin <= 1.5.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-29773HIGHWordPress BizPrint plugin <= 4.5.5 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2025-23801HIGHWordPress Style Admin Plugin <= 1.4.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23499HIGHWordPress Board Election plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-30545HIGHWordPress Social Author Bio plugin <= 2.4 - Stored XSS via Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23533HIGHWordPress WP Lyrics plugin <= 0.4.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-21489MEDIUMVulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Region Mapping). Supported versions EPSS 0.2%CVE-2025-23501HIGHWordPress Cookie Consent & Autoblock for GDPR/CCPA plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-6670HIGHCross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin ServicesEPSS 0.2%CVE-2025-23442HIGHWordPress Shockingly Big IE6 Warning plugin <= 1.6.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37412MEDIUMWordPress Blossom Shop theme <= 1.1.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-9303MEDIUMcalcom cal.diy cross-site request forgeryEPSS 0.2%CVE-2024-50534HIGHWordPress World Prayer Time plugin <= 2.0 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2023-7065MEDIUMStop Spammers Security | Block Spam Users, Comments, Forms <= 2024.4 - Cross-Site Request Forgery (CSRF) via sfs_processEPSS 0.2%CVE-2024-51637HIGHWordPress Admin SMS Alert plugin <= 1.1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-51639HIGHWordPress Naver Blog plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%