Weaknesses of type CWE-352
5,721 resultsCVE-2024-32773MEDIUMWordPress Royal Elementor Kit theme <= 1.0.116 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-30788HIGHWordPress EZ SQL Reports Shortcode Widget and DB Backup plugin <= 5.25.08 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2024-31371MEDIUMWordPress WP Event Aggregator plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31379MEDIUMWordPress Smash Balloon Social Post Feed plugin <= 4.2.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31921MEDIUMWordPress Ultimate Product Catalog plugin <= 5.2.15 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31428MEDIUMWordPress The Conference theme <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-12004MEDIUMWPC Order Notes for WooCommerce <= 1.5.2 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2024-31384MEDIUMWordPress Spa and Salon theme <= 1.2.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32108MEDIUMWordPress Convert Post Types plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31360MEDIUMWordPress Benchmark Email Lite plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31426MEDIUMWordPress Inline Related Posts plugin <= 3.3.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-8505MEDIUM495300897 wx-shop cross-site request forgeryEPSS 0.2%CVE-2022-47559HIGHCross-Site Request Forgery in Ormazabal productsEPSS 0.2%CVE-2024-31431MEDIUMWordPress Product Input Fields for WooCommerce plugin <= 1.7.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31422MEDIUMWordPress Favicon by RealFaviconGenerator plugin <= 1.3.29 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31939MEDIUMWordPress Import any XML or CSV File to WordPress plugin <= 3.7.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-41864MEDIUMWordPress PeproDev CF7 Database plugin <= 1.8.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31388MEDIUMWordPress Tablesome plugin <= 1.0.25 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-40603MEDIUMAn issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1. Special:ChangeRating allows CSRF to alter data via a GEPSS 0.2%CVE-2024-30541MEDIUMWordPress LWS Optimize plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%