Weaknesses of type CWE-352
5,731 resultsCVE-2025-32280MEDIUMWordPress WP Project Manager plugin < 2.6.25 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2026-42286HIGHEmlog: Cross-Site Request Forgery in Admin FunctionsEPSS 0.2%CVE-2025-47462HIGHWordPress Challan plugin <= 3.7.58 - CSRF to Privilege Escalation vulnerabilityEPSS 0.2%CVE-2025-1382MEDIUMContact Us By Lord Linus <= 2.6 - Admin+ Stored XSS via CSRFEPSS 0.2%CVE-2023-2438MEDIUMUserPro <= 5.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via userpro_save_userdataEPSS 0.2%CVE-2025-22731MEDIUMWordPress Build Private Store For Woocommerce plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-1165MEDIUMPopup Box <= 6.1.1 - Cross-Site Request Forgery to Popup Status ChangeEPSS 0.2%CVE-2021-47702MEDIUMOpenBMCS Cross Site Request Forgery (CSRF) via sendFeedback.phpEPSS 0.2%CVE-2026-40458HIGHCross-Site Request Forgery in PAC4JEPSS 0.2%CVE-2024-9588MEDIUMCategory and Taxonomy Meta Fields <= 1.0.0 - Cross-Site Request Forgery to Taxonomy Meta Add/DeleteEPSS 0.2%CVE-2025-7379MEDIUMA security bypass vulnerability was found in DataSync Center installed on ADMEPSS 0.2%CVE-2024-5596MEDIUMARMember Premium <= 6.7 - Cross-Site Request Forgery via multiple functionsEPSS 0.2%CVE-2025-14266LOWCSRF in Ercom Cryptobox administration consoleEPSS 0.2%CVE-2024-31613MEDIUMBOSSCMS v3.10 is vulnerable to Cross Site Request Forgery (CSRF) in name="head_code" or name="foot_code."EPSS 0.2%CVE-2026-45317MEDIUMOpen WebUI: Cross-Site Request Forgery (CSRF) via Image URL ManipulationEPSS 0.2%CVE-2024-8477MEDIUMNewsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue) <= 3.1.87 - Cross-Site Request ForgeryEPSS 0.2%CVE-2026-40309HIGHMasa CMS CSRF in trash management allows unauthorized permanent deletion of deleted contentEPSS 0.2%CVE-2026-3499HIGHProduct Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce 13.4.6 - 13.5.2.1 - Cross-Site Request Forgery to Multiple Administrative ActionsEPSS 0.2%CVE-2024-56474MEDIUMIBM TXSeries for Multiplatforms cross-site request forgeryEPSS 0.2%CVE-2026-41317MEDIUMFrappe Press has an unsafe HTTP method / CSRF-adjacent issue on API secret generationEPSS 0.2%