Weaknesses of type CWE-352
5,720 resultsCVE-2023-37974MEDIUMWordPress WP-FB-AutoConnect Plugin <= 4.6.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-38381MEDIUMWordPress WP-FlyBox Plugin <= 6.46 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-44997MEDIUMWordPress WP Forms Puzzle Captcha Plugin <= 4.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-47652HIGHWordPress Auto Affiliate Links Plugin <= 6.4.2.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45645MEDIUMWordPress WP Open Street Map Plugin <= 1.25 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-40202MEDIUMWordPress WP HTML Mail Plugin <= 3.4.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-40561MEDIUMEnhanced Ecommerce Google Analytics for WooCommerceEPSS 0.2%CVE-2026-4118MEDIUMCall To Action Plugin <= 3.1.3 - Cross-Site Request Forgery via Settings UpdateEPSS 0.2%CVE-2023-37973MEDIUMWordPress Replace Word Plugin <= 2.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45831MEDIUMWordPress AMP WP Plugin <= 1.5.15 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2026-2994LOWConcrete CMS below 9.4.8 is vulnerable to CSRF by a Rogue Admin using the Anti-Spam Allowlist GroupEPSS 0.2%CVE-2025-24543MEDIUMWordPress Ultimate Coming Soon & Maintenance plugin <= 1.0.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-0810HIGHRead More & Accordion <= 3.4.7 - Cross-Site Request Forgery to Local File InclusionEPSS 0.2%CVE-2024-1338MEDIUMImageRecycle pdf & image compression <= 3.1.13 - Cross-Site Request Forgery to Settings Update in stopOptimizeAllEPSS 0.2%CVE-2023-41668MEDIUMWordPress Leadster Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-41854MEDIUMWordPress wpCentral Plugin <= 1.5.7 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-37387MEDIUMWordPress Classified Listing Plugin <= 2.4.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-4729MEDIUMLadiApp: Landing Page, PopupX, Marketing Automation, Affiliate Marketing… <= 4.4 - Cross-Site Request Forgery via publish_lp()EPSS 0.2%CVE-2023-40558MEDIUMWordPress Video Gallery & Management Plugin <= 3.3.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45647MEDIUMWordPress Constant Contact Forms by MailMunch Plugin <= 2.0.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%