Weaknesses of type CWE-352
5,721 resultsCVE-2025-61930HIGHEmlog Pro has CSRF issue that Enables Admin Password ResetEPSS 0.2%CVE-2024-31364MEDIUMWordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-35138MEDIUMIBM Security Verify Access cross-site request forgeryEPSS 0.2%CVE-2024-31383MEDIUMWordPress PopularFX theme <= 1.2.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31388MEDIUMWordPress Tablesome plugin <= 1.0.25 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31250MEDIUMWordPress WP Server Health Stats plugin <= 1.7.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-30546MEDIUMWordPress Login With Ajax plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31379MEDIUMWordPress Smash Balloon Social Post Feed plugin <= 4.2.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31921MEDIUMWordPress Ultimate Product Catalog plugin <= 5.2.15 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-30541MEDIUMWordPress LWS Optimize plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31428MEDIUMWordPress The Conference theme <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31422MEDIUMWordPress Favicon by RealFaviconGenerator plugin <= 1.3.29 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-12004MEDIUMWPC Order Notes for WooCommerce <= 1.5.2 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2024-31360MEDIUMWordPress Benchmark Email Lite plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31431MEDIUMWordPress Product Input Fields for WooCommerce plugin <= 1.7.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-40603MEDIUMAn issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1. Special:ChangeRating allows CSRF to alter data via a GEPSS 0.2%CVE-2023-41864MEDIUMWordPress PeproDev CF7 Database plugin <= 1.8.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31239MEDIUMWordPress Nudgify Social Proof, Sales Popup & FOMO plugin <= 1.3.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31938MEDIUMWordPress NewsXpress theme <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31373MEDIUMWordPress E2Pdf plugin <= 1.20.27 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%