Weaknesses of type CWE-352
5,733 resultsCVE-2024-52392MEDIUMWordPress W3SPEEDSTER plugin <= 7.25 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-25074HIGHWordPress WP Social Stream plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-13336MEDIUMDisable Auto Updates <= 1.4 - Cross-Site Request Forgery to Auto-update DisableEPSS 0.2%CVE-2025-32261MEDIUMWordPress Advanced All in One Admin Search by WP Spotlight plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-30621HIGHWordPress Translator plugin <= 0.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-31785MEDIUMWordPress Clearbit Reveal plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32263MEDIUMWordPress Sequential Order Numbers for WooCommerce plugin <= 3.6.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-58997CRITICALWordPress Mow Theme <= 4.10 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-31859MEDIUMWordPress Feedbucket – Website Feedback Tool Plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-27402MEDIUMTuleap is missing CSRF protections on tracker fields administrative operationsEPSS 0.2%CVE-2025-30620HIGHWordPress WP Odoo Form Integrator plugin <=1.1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-13438MEDIUMSpeedSize Image & Video AI-Optimizer <= 1.5.1 - Cross-Site Request Forgery to Clear CacheEPSS 0.2%CVE-2025-67013MEDIUMThe web management interface in ETL Systems Ltd DEXTRA Series ' Digital L-Band Distribution System v1.8 does not implement Cross-Site RequesEPSS 0.2%CVE-2024-10581MEDIUMDirectoryPress Frontend <= 2.7.9 - Cross-Site Request Forgery to Listing Status UpdateEPSS 0.2%CVE-2026-11981MEDIUMGiveWP <= 4.15.3 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-48037MEDIUMWordPress Contact Form Widget plugin <= 1.4.2 - CSRF vulnerabilityEPSS 0.2%CVE-2026-3191MEDIUMMinify HTML <= 2.1.12 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.2%CVE-2026-1088MEDIUMLogin Page Editor <= 1.2 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2024-13494MEDIUMWordPress File Upload <= 4.25.2 - Cross-Site Request Forgery in wfu_file_detailsEPSS 0.2%CVE-2024-13718MEDIUMFlexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later <= 1.2.26 - Cross-Site Request Forgery to Wishlist Creation/ModificationEPSS 0.2%