Weaknesses of type CWE-352
5,719 resultsCVE-2024-24876MEDIUMWordPress Admin Menu Editor Plugin <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-3163MEDIUMEasy Property Listings < 3.5.4 - Arbitrary Contact Deletion via CSRFEPSS 0.2%CVE-2023-46775MEDIUMWordPress Original texts Yandex WebMaster Plugin <= 1.18 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-5285MEDIUMWP Affiliate Platform < 6.5.2 - Affiliate Deletion via CSRFEPSS 0.2%CVE-2024-6720MEDIUMLight Poll <= 1.0.0 - Poll Answers Deletion via CSRFEPSS 0.2%CVE-2021-47730HIGHSelea Targa IP Camera Cross-Site Request Forgery via Admin CreationEPSS 0.2%CVE-2025-48340CRITICALWordPress User Profile Meta Manager plugin <= 1.02 - CSRF to Privilege Escalation vulnerabilityEPSS 0.2%CVE-2025-8739MEDIUMzhenfeng13 My-Blog save cross-site request forgeryEPSS 0.2%CVE-2026-22194HIGHGestSup <= 3.2.60 CSRF Allows Privileged ActionsEPSS 0.2%CVE-2024-56140MEDIUMBypass of CSRF Middleware in AstroEPSS 0.2%CVE-2024-8200MEDIUMReviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More <= 1.1.2 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-11417MEDIUMdejure.org Vernetzungsfunktion <= 1.97.5 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-32310HIGHWordPress QuickCal plugin <= 1.0.15 - CSRF to Privilege Escalation vulnerabilityEPSS 0.2%CVE-2024-32449MEDIUMWordPress RestroPress plugin <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-49462LOWZoom Clients - Cross-site ScriptingEPSS 0.2%CVE-2024-6628MEDIUMEleForms – All In One Form Integration including DB for Elementor <= 2.9.9.9 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-1361MEDIUMColibri Page Builder <= 1.0.253 - Cross-Site Request Fogery via extend_builderEPSS 0.2%CVE-2025-31005MEDIUMWordPress Easyfonts plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-30468MEDIUMWordPress All-In-One Security (AIOS) – Security and Firewall plugin <= 5.2.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32450MEDIUMWordPress WpTravelly plugin <= 1.6.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%