Weaknesses of type CWE-352
5,726 resultsCVE-2024-32958HIGHWordPress Slash Admin plugin <= 3.8.1 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2025-23572HIGHWordPress UpDownUpDown plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23618HIGHWordPress Twitter Shortcode plugin <= 0.9 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2025-23573HIGHWordPress WP Background Tile plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23569HIGHWordPress Shortcode in Comment plugin <= 1.1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-56015HIGHWordPress Tidy Up Plugin <= 1.3 - CSRF to Reflected Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2025-23649HIGHWordPress Auphonic Importer plugin <= 1.5.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23659HIGHWordPress MercadoLibre Integration plugin <= 1.1 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2024-31272MEDIUMWordPress ARForms Form Builder plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-34367HIGHWordPress Popup Box plugin <= 4.1.2 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2024-27197HIGHWordPress BeePress plugin <= 6.9.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-23662HIGHWordPress WP Panoramio plugin <= 1.5.0 - CSRF to Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2024-13511MEDIUMVariation Swatches for WooCommerce 1.0.8 - 1.3.2 - Cross-Site Request Forgery to Plugin Settings ResetEPSS 0.2%CVE-2025-23660HIGHWordPress MFPlugin plugin <= 1.3 - CSRF to Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2025-10377MEDIUMSystem Dashboard <= 2.8.20 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-7574MEDIUMChristmasify! <= 1.5.5 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2024-31109HIGHWordPress Woocommerce Social Media Share Buttons plugin <= 1.3.0 - CSRF to Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-23567HIGHWordPress GDReseller plugin <= 1.6 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-22538HIGHWordPress Virtual Bot Plugin <= 1.0.0 - CSRF Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2023-45629MEDIUMWordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%