Weaknesses of type CWE-352
5,731 resultsCVE-2024-53736HIGHWordPress Custom Shortcode Sidebars plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-7369MEDIUMShortcodes Ultimate <= 7.4.2 - Cross-Site Request Forgery to Arbitrary Shortcode ExecutionEPSS 0.2%CVE-2026-40926HIGHWWBN AVideo Vulnerable to CSRF in Admin JSON Endpoints (Category CRUD, Plugin Update Script)EPSS 0.2%CVE-2025-11954HIGHCSRF in Sitemio's WISECPEPSS 0.2%CVE-2024-53725HIGHWordPress Post Hits Counter plugin <= 2.8.23 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-6751MEDIUMSocial Auto Poster <= 5.3.14 - Cross-Site Request Forgery via Multiple FunctionsEPSS 0.2%CVE-2025-23708HIGHWordPress DF Draggable plugin <= 1.13.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-22202MEDIUMwpDiscuz before 7.6.47 - Destructive GET Action Deletes All Comments by EmailEPSS 0.2%CVE-2025-2935MEDIUMAnti-Spam: Spam Protection | Block Spam Users, Comments, Forms <= 2024.7 - Cross-Site Request Forgery to Multiple Administrative ActionsEPSS 0.2%CVE-2025-49237HIGHWordPress POEditor plugin <= 0.9.10 - CSRF to Arbitrary File Deletion vulnerabilityEPSS 0.2%CVE-2024-10789MEDIUMWP User Profile Avatar <= 1.0.5 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2024-11341MEDIUMSimple Redirection <= 1.5 - Cross-Site Request Forgery to Arbitrary Site RedirectEPSS 0.2%CVE-2024-53727HIGHWordPress LinkLaunder SEO plugin <= 0.92.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-53734HIGHWordPress Idealien Category Enhancements plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-50036MEDIUMWordPress Mailing Group Listserv plugin <= 3.0.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-53723HIGHWordPress Google Plus Share and +1 Button plugin <= 1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-53732HIGHWordPress Footer Flyout Widget plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2021-27701MEDIUMSOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi wifi portal. The application does not contaEPSS 0.2%CVE-2024-4403MEDIUMCSRF in restart_program in parisneo/lollms-webuiEPSS 0.2%CVE-2024-56229MEDIUMWordPress SearchIQ plugin <= 4.6 - Cross-Site Requst Forgery (CSRF) vulnerabilityEPSS 0.2%