Weaknesses of type CWE-352
5,728 resultsCVE-2025-30923MEDIUMWordPress Gift Message for WooCommerce plugin <= 1.7.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-54598MEDIUMThe Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via EPSS 0.2%CVE-2026-12986HIGHA critical vulnerability in Admin GUI in Payara Server Full 4.x, 5.x, 6.x, 7.x, 7.2026.x, 6.2025.x, 6.2024.x on All platforms that allows thEPSS 0.2%CVE-2020-37106MEDIUMBusiness Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin)EPSS 0.2%CVE-2025-32273MEDIUMWordPress Freetobook Responsive Widget Plugin <= 1.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37242MEDIUMWordPress Newspack Newsletters plugin <= 2.13.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-46869MEDIUMVulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Dump and Load). Supported versions that are affected are 8.4.0-EPSS 0.2%CVE-2025-10700MEDIUMAlly - Web Accessibility & Usability <= 3.8.0 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.2%CVE-2024-37272MEDIUMWordPress Travel Monster theme <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32270MEDIUMWordPress Broadstreet plugin <= 1.52.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2025-32268MEDIUMWordPress QR Code Tag for WC plugin <= 1.9.42 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2018-25321MEDIUMTP-Link TL-WR720N CSRF via Administrative Interfaces (firmware V1_130719)EPSS 0.2%CVE-2025-1463MEDIUMSpreadsheet Integration <= 3.8.2 - Cross-Site Request Forgery to Arbitrary Post PublishEPSS 0.2%CVE-2024-37448MEDIUMWordPress OnePress theme <= 2.3.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32269MEDIUMWordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms Plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2024-37431MEDIUMWordPress Mesmerize theme <= 1.6.120 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31880MEDIUMWordPress Pearl plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32266MEDIUMWordPress 404 Image Redirection (Replace Broken Images) plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37413MEDIUMWordPress Preschool and Kindergarten theme <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37103MEDIUMWordPress Education Zone theme <= 1.3.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%