Weaknesses of type CWE-352
5,721 resultsCVE-2024-54427HIGHWordPress Category of Posts plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-4543MEDIUMSnippet Shortcodes <= 4.1.4 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-54429HIGHWordPress Aphorismus plugin <= 1.2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54331HIGHWordPress I Plant A Tree plugin <= 1.7.3 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2024-54415HIGHWordPress WP-HideThat plugin <= 1.2 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2024-31303MEDIUMWordPress Sign-up Sheets plugin <= 2.2.11.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-1909MEDIUMCategorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxRenameCategoryEPSS 0.2%CVE-2025-24546MEDIUMWordPress Ultimate Coming Soon & Maintenance plugin <= 1.0.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-54434HIGHWordPress phZoom plugin <= 1.2.92 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37118MEDIUMWordPress Uncanny Automator Pro plugin <= 5.3 - Cross Site Request Forgery (CSRF) Leading to License Settings Reset vulnerabilityEPSS 0.2%CVE-2024-54426HIGHWordPress LeaderBoard Plugin plugin <= 1.2.4 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2024-54416HIGHWordPress Wp Login with Ajax plugin <= 0.6 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2024-54353HIGHWordPress Hack-Info plugin <= 3.17 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2023-32104MEDIUMWordPress MyCurator Content Curation Plugin <= 3.74 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-54421HIGHWordPress Floating Video Player plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-0847MEDIUM5280 Bootstrap Modal Contact Form <= 1.0 - Cross-Site Request Forgery to Bulk Delete MessagesEPSS 0.2%CVE-2024-54439HIGHWordPress Amazon Product Price plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54423HIGHWordPress Social Media Sharing plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-1912MEDIUMCategorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxUpdateFolderPositionEPSS 0.2%CVE-2026-33373HIGHAn issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A Cross-Site Request Forgery (CSRF) vulnerability exists in Zimbra Web EPSS 0.2%