Weaknesses of type CWE-352
5,733 resultsCVE-2024-30154MEDIUMHCL SX is susceptible to a Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-13685MEDIUMPhoto Gallery by Ays <= 6.4.8 - Cross-Site Request Forgery to Bulk ActionsEPSS 0.1%CVE-2025-25153HIGHWordPress Simple Auto Tag plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-25135HIGHWordPress Custom Links On Admin Dashboard Toolbar plugin <= 3.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-58878MEDIUMWordPress Woocommerce Gifts Product Plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-25154HIGHWordPress Custom Comment Notifications plugin <= 1.0.8 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-11148MEDIUMInappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to leak cross-origin daEPSS 0.1%CVE-2025-25148HIGHWordPress Read More Copy Link plugin <= 1.0.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-25156HIGHWordPress Quote Comments plugin <= 3.0.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-9617MEDIUMPublish approval <= 1.1 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-12412MEDIUMTop Bar Notification <= 1.12 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-62771HIGHMercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks.EPSS 0.1%CVE-2025-25139HIGHWordPress WP Custom Post RSS Feed plugin <= 1.0.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-2797MEDIUMWoffice Core <= 5.4.21 - Cross-Site Request Forgery to User Registration ApprovalEPSS 0.1%CVE-2025-25071HIGHWordPress Vignette Ads plugin <= 0.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-25152HIGHWordPress Smart DoFollow plugin <= 1.0.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-50369MEDIUMA Cross-Site Request Forgery (CSRF) vulnerability exists in the Manage Card functionality (/mcgs/admin/manage-card.php) of PHPGurukul MedicaEPSS 0.1%CVE-2025-50370MEDIUMA Cross-Site Request Forgery (CSRF) vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php of the Phpgurukul MEPSS 0.1%CVE-2025-12416MEDIUMPagerank Tools <= 1.1.5 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-25140HIGHWordPress Simple User Profile plugin <= 1.9 - CSRF to Stored XSS vulnerabilityEPSS 0.1%