Weaknesses of type CWE-352

5,733 results
CVE-2026-28761HIGHCross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a useEPSS 0.1%CVE-2025-58032MEDIUMWordPress WP Compiler Plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-48318MEDIUMWordPress 多说社会化评论框 plugin <= 1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.1%CVE-2025-48310MEDIUMWordPress Table Editor plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-57893MEDIUMWordPress WP Fast Total Search Plugin <= 1.79.270 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-52769MEDIUMWordPress flexo-social-gallery Plugin <= 1.0006 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-43748HIGHInsufficient CSRF protection for omni-administrator users in Liferay Portal 7.0.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.EPSS 0.1%CVE-2026-4071MEDIUMBirdSeed <= 2.2.0 - Cross-Site Request Forgery via BirdSeed Token ChangeEPSS 0.1%CVE-2025-58802MEDIUMWordPress TrustMate.io – WooCommerce integration plugin <= 1.16.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-47517HIGHWordPress Accept Donations with PayPal plugin <= 1.4.5 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2024-4128LOWCSRF in firebase-tools emulator suiteEPSS 0.1%CVE-2025-31623HIGHWordPress Rich Text Editor plugin <= 1.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-27332HIGHWordPress Smart Maintenance & Countdown Plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-54682MEDIUMWordPress Connector for Gravity Forms and Google Sheets Plugin plugin <= 1.2.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-58798MEDIUMWordPress BCM Duplicate Menu plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-60145MEDIUMWordPress Lenix scss compiler Plugin <= 1.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-59568MEDIUMWordPress Zoho Flow Plugin <= 2.14.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-2494MEDIUMProfileGrid <= 5.9.8.2 - Cross-Site Request Forgery to Group Membership Request Approval/DenialEPSS 0.1%CVE-2026-9730MEDIUMRemove NoFollow Commenter URL <= 1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-60093MEDIUMWordPress Download Manager Plugin <= 3.3.24 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%