Weaknesses of type CWE-352
5,715 resultsCVE-2023-32966MEDIUMWordPress Jazz Popups Plugin <= 1.8.7 is vulnerable to Cross Site Request Forgery (CSRF) leading to Stored XSSEPSS 0.2%CVE-2024-37227MEDIUMWordPress Newsletters plugin <= 4.9.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-22700MEDIUMWordPress PixelYourSite – Your smart PIXEL (TAG) Manager Plugin <= 9.3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-24388MEDIUMWordPress Booking calendar, Appointment Booking System Plugin <= 3.2.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-34816MEDIUMWordPress WPCal.io plugin <= 0.9.5.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2022-47612MEDIUMWordPress Participants Database Plugin <= 2.4.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-43787MEDIUMHono CSRF middleware can be bypassed using crafted Content-Type headerEPSS 0.2%CVE-2022-47179MEDIUMWordPress OWM Weather Plugin <= 5.6.11 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-23865MEDIUMWordPress Stripe Payments For WooCommerce by Checkout Plugin <= 1.4.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-5033MEDIUMXiaoBingby TeaCMS addUser cross-site request forgeryEPSS 0.2%CVE-2022-47148MEDIUMWordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.2.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-43745MEDIUMA CSRF vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.7, 2025.Q1.0 through 2025.Q1.14, 2EPSS 0.2%CVE-2022-41805MEDIUMWordPress Booster for WooCommerce plugin <= 5.6.6 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2022-3024MEDIUMSimple Bitcoin Faucets <= 1.7.0 - Unauthorised AJAX Call to Stored XSSEPSS 0.2%CVE-2024-22155MEDIUMWordPress WooCommerce plugin <= 8.5.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2022-45804MEDIUMWordPress Robo Gallery Plugin <= 3.2.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-23899MEDIUMWordPress Extensions For CF7 Plugin <= 2.0.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-9365MEDIUMCross-Site Request Forgery (CSRF) in polyaxon/polyaxonEPSS 0.2%CVE-2025-46610HIGHARTEC EMA Mail 6.92 allows CSRF.EPSS 0.2%CVE-2024-24929MEDIUMWordPress WP Contact Form Plugin <= 1.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%