Weaknesses of type CWE-352

5,733 results
CVE-2025-23640HIGHWordPress Rename Author Slug plugin <= 1.2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-27316MEDIUMWordPress JPG, PNG Compression and Optimization Plugin <= 1.7.35 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23617HIGHWordPress Floatbox Plus plugin <= 1.4.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-48341LOWdingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=addShopEPSS 0.2%CVE-2025-28910MEDIUMWordPress WP Hide Admin Bar plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-28912MEDIUMWordPress Custom Dashboard Page plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-27318MEDIUMWordPress Simple Google Sitemap Plugin <= 1.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32667HIGHWordPress Doppler Forms plugin <= 2.5.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-9434MEDIUMWPGlobus Translate Options <= 2.2.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-28909MEDIUMWordPress WP No-Bot Question plugin <= 0.1.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-57946MEDIUMWordPress payOS plugin <= 1.0.73 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-13522MEDIUMmagayo Lottery Results <= 2.0.12 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-28881MEDIUMWordPress Mobile Themes plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-43339MEDIUMWordPress WordPress Webinar Plugin – WebinarPress plugin <= 1.33.20 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-5185HIGHData Poisoning in EmbedAIEPSS 0.2%CVE-2025-28887MEDIUMWordPress Plugins Last Updated Column plugin <= 0.1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-53451MEDIUMWordPress Mihdan: No External Links Plugin <= 5.1.6.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-27315MEDIUMWordPress All-In-One Cufon Plugin <= 1.3.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-28940MEDIUMWordPress Back To Top Plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-28913MEDIUMWordPress WP Add Active Class To Menu Item plugin <=1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%