Weaknesses of type CWE-352
5,728 resultsCVE-2023-52129MEDIUMWordPress teachPress Plugin <= 9.0.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-5935MEDIUMCSRF Vulnerability in imartinez/privategptEPSS 0.2%CVE-2025-27454MEDIUMCVE-2025-27454EPSS 0.2%CVE-2024-13337MEDIUMWebcraftic Clearfy – WordPress optimization plugin <= 2.3.2 - Cross-Site Request Forgery to Plugin Settings Update via 'setup-wbcr_clearfy'EPSS 0.2%CVE-2024-12170MEDIUMViewMedica Embed <= 1.4.15 - Cross-Site Request Forgery to SQL InjectionEPSS 0.2%CVE-2026-13422MEDIUMHD Quiz 2.2.0 - 2.2.1 - Cross-Site Request Forgery via Multiple AJAX HandlersEPSS 0.2%CVE-2024-4426MEDIUMComparison Slider <= 1.0.5 - Cross-Site Request ForgeryEPSS 0.2%CVE-2023-6008MEDIUMUserPro <= 5.1.1 - Cross-Site Request Forgery via multiple functionsEPSS 0.2%CVE-2025-23745HIGHWordPress Call me Now plugin <= 1.0.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-30769HIGHWordPress WIP WooCarousel Lite plugin <= 1.1.7 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-12634MEDIUMRelated Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins <= 2.0.59 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-30550HIGHWordPress CallPhone'r plugin <= 1.1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-44185MEDIUMSourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/change_pass.php via the pasEPSS 0.2%CVE-2025-23749HIGHWordPress mybb Last Topics plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-4922HIGHCross-Site Request Forgery (CSRF) in GitLabEPSS 0.2%CVE-2026-33252HIGHMCP Go SDK Allows Cross-Site Tool Execution for HTTP Servers without AuthorizatrionEPSS 0.2%CVE-2025-30565HIGHWordPress banner-manager plugin <= 16.04.19 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-8604HIGHCross-Site request forgery (CSRF) in ScadaBREPSS 0.2%CVE-2024-37213HIGHWordPress AliExpress Dropshipping with AliNext Lite plugin <= 3.4.6 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2025-30560HIGHWordPress jQuery Dropdown Menu plugin <= 3.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%