Weaknesses of type CWE-352
5,733 resultsCVE-2024-13438MEDIUMSpeedSize Image & Video AI-Optimizer <= 1.5.1 - Cross-Site Request Forgery to Clear CacheEPSS 0.2%CVE-2025-67013MEDIUMThe web management interface in ETL Systems Ltd DEXTRA Series ' Digital L-Band Distribution System v1.8 does not implement Cross-Site RequesEPSS 0.2%CVE-2024-13718MEDIUMFlexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later <= 1.2.26 - Cross-Site Request Forgery to Wishlist Creation/ModificationEPSS 0.2%CVE-2025-25074HIGHWordPress WP Social Stream plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-49313HIGHWordPress VKontakte Wall Post plugin <= 2.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-39443MEDIUMWordPress Verge3D plugin <= 4.9.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-3635LOWMoodle: csrf risk in moodle user tours manager allows tour duplicationEPSS 0.2%CVE-2025-4088MEDIUMCross-site request forgery via storage access API redirectsEPSS 0.2%CVE-2025-39437MEDIUMWordPress Anthologize plugin <= 0.8.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-44028HIGHWordPress NiceJob plugin < 3.6.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-39438MEDIUMWordPress Theme Changer plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-59713HIGHLeantime - OIDC Login CSRF via Unconditional State Verification StubEPSS 0.2%CVE-2026-4527MEDIUMCross-Site Request Forgery (CSRF) in GitLabEPSS 0.2%CVE-2025-39453MEDIUMWordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.9.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2024-12115MEDIUMPoll Maker <= 5.5.4 - Cross-Site Request Forgery to Poll DuplicationEPSS 0.2%CVE-2025-26903MEDIUMWordPress InPost Gallery plugin <= 2.1.4.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-6395MEDIUMWord 2 Cash <= 0.9.2 - Cross-Site Request Forgeryto Stored Cross-Site Scripting via Settings PageEPSS 0.2%CVE-2026-22215MEDIUMwpDiscuz before 7.6.47 - Missing CSRF Protection on wpdGetFollowsPageEPSS 0.2%CVE-2025-39425MEDIUMWordPress Style Manager plugin <= 2.2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2025-39426MEDIUMWordPress illow – Cookies Consent plugin <= 0.2.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%