Weaknesses of type CWE-352

5,717 results
CVE-2023-44475MEDIUMWordPress Add Shortcodes Actions And Filters Plugin <= 2.0.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-52149MEDIUMWordPress Floating Button Plugin <= 6.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-46776MEDIUMWordPress Auto Excerpt everywhere Plugin <= 1.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-51539MEDIUMWordPress Apollo13 Framework Extensions Plugin <= 1.9.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-32141MEDIUMWordPress Libsyn Publisher Hub plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-52121MEDIUMWordPress NitroPack Plugin <= 1.10.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-46780MEDIUMWordPress Alter Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-32435MEDIUMWordPress AffiEasy plugin <= 1.1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32433MEDIUMWordPress BEAF plugin <= 4.5.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2022-38075MEDIUMWordPress Mantenimiento web plugin <= 0.13 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)EPSS 0.2%CVE-2023-46778MEDIUMWordPress Auto Limit Posts Reloaded Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-51378MEDIUMWordPress Rise Blocks Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-49621HIGHWordPress APA Register Newsletter Form plugin <= 1.0.0 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2023-25170MEDIUMPrestaShop has possible CSRF token fixationEPSS 0.2%CVE-2024-54430MEDIUMWordPress EELV Newsletter plugin <= 4.8.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-5897MEDIUMCross-Site Request Forgery (CSRF) in pkp/customLocaleEPSS 0.2%CVE-2023-23671HIGHWordPress Layer Slider Plugin <= 1.1.9.7 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-51358MEDIUMWordPress Block IPs for Gravity Forms Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-11342MEDIUMSkt NURCaptcha <= 3.5.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2024-4312MEDIUMSoccer Engine – Soccer Plugin for WordPress <= 1.12 - Cross-Site Request ForgeryEPSS 0.2%