Weaknesses of type CWE-352

5,731 results
CVE-2025-22557HIGHWordPress News Publisher Autopilot plugin <= 2.1.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-22685HIGHWordPress Tags to Keywords plugin <= 1.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2020-10095HIGHVarious Lexmark devices have CSRF that allows an attacker to modify the configuration of the device.EPSS 0.2%CVE-2024-37438MEDIUMWordPress Uncanny Toolkit Pro for LearnDash plugin < 4.1.4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-6459HIGHAds Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.89 - Cross-Site Request Forgery to PHP Code Injection in bsaCreateAdTemplateEPSS 0.2%CVE-2024-6673MEDIUMCSRF Vulnerability in parisneo/lollms-webuiEPSS 0.2%CVE-2025-20326MEDIUMCisco Unified Communications Manager Cross-Site Request Forgery VulnerabilityEPSS 0.2%CVE-2024-43265MEDIUMWordPress Analytify plugin <= 5.3.1 - CSRF Leading to Optout VulnerabilityEPSS 0.2%CVE-2025-31601MEDIUMWordPress Appointy Appointment Scheduler plugin <= 4.2.1 - CSRF to Settings Change vulnerabilityEPSS 0.2%CVE-2024-13304MEDIUMMinify JS - Moderately critical - Cross site request forgery - SA-CONTRIB-2024-070EPSS 0.2%CVE-2025-62258HIGHCSRF vulnerability in Headless API in Liferay Portal 7.4.0 through 7.4.3.107, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through upEPSS 0.2%CVE-2025-36375MEDIUMIBM DataPower Gateway vulnerable to CSRFEPSS 0.2%CVE-2023-42234MEDIUMPat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Request Forgery (CSRF) via the WSCView function.EPSS 0.2%CVE-2025-31684MEDIUMOAuth2 Client - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-013EPSS 0.2%CVE-2024-12636MEDIUMPrivacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.2.7 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-22690HIGHWordPress DigiTimber cPanel Integration plugin <= 1.4.6 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-31683MEDIUMGoogle Tag - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-012EPSS 0.2%CVE-2025-22688HIGHWordPress Unlimited Page Sidebars plugin <= 0.2.6 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-31680MEDIUMMatomo Analytics - Moderately critical - Cross site request forgery - SA-CONTRIB-2025-008EPSS 0.2%CVE-2024-53715HIGHWordPress Simple Travel Map plugin <= 0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%