Weaknesses of type CWE-352
5,724 resultsCVE-2024-29773HIGHWordPress BizPrint plugin <= 4.5.5 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2025-23508HIGHWordPress Extra Options – Favicons plugin <= 1.1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-50466MEDIUMWordPress DarkMySite – Advanced Dark Mode Plugin for WordPress plugin <= 1.2.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23511HIGHWordPress WP-BlackCheck plugin <= 2.7.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-23558HIGHWordPress Geotagged Media plugin <= 0.3.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23430HIGHWordPress Mass Custom Fields Manager plugin <= 1.5 - CSRF to Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-23445HIGHWordPress Easy Tynt plugin <= 0.2.5.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-23533HIGHWordPress WP Lyrics plugin <= 0.4.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23424HIGHWordPress Marquee Style RSS News Ticker plugin <= 3.2.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-6670HIGHCross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin ServicesEPSS 0.2%CVE-2024-51156MEDIUM07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component 'erp.07fly.net:80/admin/SysNotifyUser/del.htEPSS 0.2%CVE-2024-31093HIGHWordPress Broken Images plugin <= 0.2 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2024-48031MEDIUMWordPress Featured Posts with Multiple Custom Groups (FPMCG) plugin <= 4.0 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-21489MEDIUMVulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Region Mapping). Supported versions EPSS 0.2%CVE-2025-23793HIGHWordPress Auto FTP plugin <= 1.0.1 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2025-23501HIGHWordPress Cookie Consent & Autoblock for GDPR/CCPA plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-13444MEDIUMwp-greet <= 6.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-5185MEDIUMSummer Pearl Group Vacation Rental Management Platform cross-site request forgeryEPSS 0.2%CVE-2024-39019MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/idcProData_deal.php?mudi=delEPSS 0.2%CVE-2024-49250MEDIUMWordPress Table of Contents Plus plugin <= 2408 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%