Weaknesses of type CWE-352

5,725 results
CVE-2024-39641MEDIUMWordPress LearnPress plugin <= 4.2.6.8.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-35561MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=add&nohrefStr=close.EPSS 0.2%CVE-2024-33646HIGHWordPress Sticky Anything plugin <= 2.1.5 - Broken Access Control to XSS vulnerabilityEPSS 0.2%CVE-2025-22562MEDIUMWordPress Title Experiments Free plugin <= 9.0.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31285HIGHWordPress WordPress Tooltips plugin <= 9.5.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-22552HIGHWordPress Affiliate Disclosure Statement plugin <= 0.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23569HIGHWordPress Shortcode in Comment plugin <= 1.1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-29929MEDIUMTuleap is missing CSRF protection on tracker hierarchy administrationEPSS 0.2%CVE-2024-5786MEDIUMCross-Site Request Forgery vulnerability in Comtrend routerEPSS 0.2%CVE-2024-13511MEDIUMVariation Swatches for WooCommerce 1.0.8 - 1.3.2 - Cross-Site Request Forgery to Plugin Settings ResetEPSS 0.2%CVE-2024-32958HIGHWordPress Slash Admin plugin <= 3.8.1 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2025-58468MEDIUMNotification CenterEPSS 0.2%CVE-2025-23577HIGHWordPress Word Freshener plugin <= 1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23567HIGHWordPress GDReseller plugin <= 1.6 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23660HIGHWordPress MFPlugin plugin <= 1.3 - CSRF to Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2025-23566HIGHWordPress Custom Post plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-0796MEDIUMMortgage Lead Capture System <= 8.2.11 - Cross-Site Request Forgery to Settings ResetEPSS 0.2%CVE-2025-23572HIGHWordPress UpDownUpDown plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-9886MEDIUMTrinity Audio <= 5.20.2 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-23662HIGHWordPress WP Panoramio plugin <= 1.5.0 - CSRF to Cross-Site Scripting vulnerabilityEPSS 0.2%