Weaknesses of type CWE-352
5,688 resultsCVE-2022-1914—Clean-Contact <= 1.6 - Arbitrary Settings Update to Stored XSS via CSRFEPSS 0.4%CVE-2021-24349—Gallery From Files <= 1.6.0 - Reflected Cross-Site Scripting (XSS)EPSS 0.4%CVE-2022-1594—HC Custom WP-Admin URL <= 1.4 - Arbitrary Settings Update via CSRFEPSS 0.4%CVE-2024-29026HIGHOwncast cross origin requestEPSS 0.4%CVE-2024-3146MEDIUMDedeCMS makehtml_rss_action.php cross-site request forgeryEPSS 0.4%CVE-2022-1844—WP Sentry <= 1.0 - Arbitrary Settings Update to Stored XSS via CSRFEPSS 0.4%CVE-2021-24535—Light Messages <= 1.0 - CSRF to Stored XSSEPSS 0.4%CVE-2022-1653—Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRFEPSS 0.4%CVE-2022-1627—My Private Site < 3.0.8 - Arbitrary Settings Update via CSRFEPSS 0.4%CVE-2022-1847—Rotating Posts <= 1.11 - Arbitrary Settings Update to Stored XSS via CSRFEPSS 0.4%CVE-2022-1913—Add Post URL <= 2.1.0 - Arbitrary Settings Update to Stored XSS via CSRFEPSS 0.4%CVE-2022-1793—Private Files <= 0.40 - Protection Disabling via CSRFEPSS 0.4%CVE-2022-1885—Cimy Header Image Rotator <= 6.1.1 - Arbitrary Settings Update via CSRFEPSS 0.4%CVE-2021-24466—Verse-O-Matic <= 4.1.1 - CSRF to Stored XSSEPSS 0.4%CVE-2022-1845—WP Post Styling < 1.3.1 - Multiple CSRFEPSS 0.4%CVE-2022-1846—Tiny Contact Form <= 0.7 - Arbitrary Settings Update via CSRFEPSS 0.4%CVE-2021-24434—Glass <= 1.3.2 - CSRF to Stored Cross-Site Scripting (XSS)EPSS 0.4%CVE-2022-1895—underConstruction < 1.20 - Construction Mode Deactivation via CSRFEPSS 0.4%CVE-2022-1603—Mail Subscribe List < 2.1.4 - Arbitrary Subscribed User Deletion via CSRFEPSS 0.4%CVE-2022-1712—LiveSync for WordPress <= 1.0 - Arbitrary Settings Update via CSRFEPSS 0.4%