Weaknesses of type CWE-352

5,733 results
CVE-2025-66529MEDIUMWordPress Chartify plugin <= 3.6.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-32545HIGHWordPress WooCommerce Products without featured images Plugin <= 0.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-7965MEDIUMCBX Restaurant Booking <= 1.2.1 - Plugin Reset via CSRFEPSS 0.1%CVE-2019-25250MEDIUMDevolo dLAN 500 AV Wireless+ 3.1.0-1 Cross-Site Request ForgeryEPSS 0.1%CVE-2025-13606MEDIUMExport All Posts, Products, Orders, Refunds & Users <= 2.19 - Cross-Site Request Forgery to Sensitive Information ExposureEPSS 0.1%CVE-2018-25298MEDIUMMerge PACS 7.0 Cross-Site Request Forgery via merge-viewerEPSS 0.1%CVE-2026-9618MEDIUMPeachPay <= 1.120.46 - Cross-Site Request Forgery to Stripe UnlinkEPSS 0.1%CVE-2025-0807MEDIUMCITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts <= 4.2 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2024-13710MEDIUMEstatebud – Properties & Listings <= 5.5.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2016-20083MEDIUMWordPress More Fields Plugin 2.1 Cross-Site Request ForgeryEPSS 0.1%CVE-2025-0990MEDIUMI Am Gloria <= 1.1.4 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-23985MEDIUMWordPress Dynamic URL SEO plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-63953MEDIUMA Cross-Site Request Forgery (CSRF) in the /usapi?method=add-user component of Magewell Pro Convert v1.2.213 allows attackers to arbitrarilyEPSS 0.1%CVE-2025-24699HIGHWordPress WP Coder Plugin <= 3.6 - CSRF to Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-24533MEDIUMWordPress MetaSlider plugin <= 3.92.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2024-13682MEDIUMWallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction <= 2.6.2 - Cross-Site Request ForgeryEPSS 0.1%CVE-2026-29839HIGHDedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability in /sys_task_add.php.EPSS 0.1%CVE-2019-25247MEDIUMBeward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin VulnerabilityEPSS 0.1%CVE-2025-63060MEDIUMWordPress KALLYAS theme < 4.25.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-25071HIGHWordPress Vignette Ads plugin <= 0.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%