Weaknesses of type CWE-352
5,724 resultsCVE-2024-37540MEDIUMWordPress Leaky Paywall plugin <= 4.21.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37240MEDIUMWordPress Falang multilanguage for WordPress plugin <= 1.3.51 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-38762MEDIUMWordPress Event Tickets and Registration plugin <= 5.11.0.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31404HIGHWordPress AF Tell a Friend plugin <= 1.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-12279MEDIUMWP Social AutoConnect <= 4.6.2 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2024-38691MEDIUMWordPress Metorik plugin <= 1.7.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-38763MEDIUMWordPress Popularis Verse theme <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31393HIGHWordPress Social Bookmarking RELOADED plugin <= 3.18 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-32479HIGHWordPress Flags Widget plugin <= 1.0.7 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-35554MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=del&dataType=newsWEPSS 0.2%CVE-2024-37508MEDIUMWordPress Construction Landing Page theme <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-1075MEDIUMZT Captcha <= 1.0.4 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2024-37518MEDIUMWordPress The Events Calendar plugin <= 6.5.1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37490MEDIUMWordPress Bard theme <= 2.210 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-40212MEDIUMWordPress WooCommerce Product Attachment Plugin <= 2.1.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-32478HIGHWordPress WP SexyLightBox plugin <= 0.5.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37491MEDIUMWordPress Rife Free theme <= 2.4.18 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31779MEDIUMWordPress Query Wrangler plugin <= 1.5.54 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-8419MEDIUMAmazon Scraper <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via Settings UpdateEPSS 0.2%CVE-2024-38765MEDIUMWordPress Oceanic theme <= 1.0.48 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%