Weaknesses of type CWE-352
5,733 resultsCVE-2026-1503MEDIUMlogin_register <= 1.2.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-27339MEDIUMWordPress Minimum Password Strength Plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-27353MEDIUMWordPress Namaste! LMS Plugin <= 2.6.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-32265MEDIUMWordPress JobWP plugin <= 2.3.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-32267MEDIUMWordPress WP to Hootsuite plugin <= 1.5.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2019-25238MEDIUMV-SOL GPON/EPON OLT Platform 2.03 Cross-Site Request Forgery VulnerabilityEPSS 0.1%CVE-2025-32274MEDIUMWordPress w3all phpBB integration Plugin <= 2.9.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31447MEDIUMWordPress NertWorks All in One Social Share Tools plugin <=1.26 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-27335MEDIUMWordPress Auto Tag Links Plugin <= 1.0.13 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2018-25334MEDIUMZechat 1.5 Cross-Site Request Forgery (CSRF) via hashtag parameterEPSS 0.1%CVE-2025-27344MEDIUMWordPress Phee's LinkPreview Plugin <= 1.6.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-10553MEDIUMjQuery Hover Footnotes <= 1.4 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2025-8606LOWGSheetConnector For Gravity Forms <= 1.3.23 - Cross-Site Request Forgery to Arbitrary Plugin Activation/DeactivationEPSS 0.1%CVE-2023-30759HIGHThe driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to detect its modification and may spawn an uEPSS 0.1%CVE-2025-25168HIGHWordPress BookPress – For Book Authors Plugin <= 1.2.7 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-30632MEDIUMWordPress Global Translator plugin <= 2.0.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-57977HIGHWordPress Flexible PDF Invoices for WooCommerce & WordPress Plugin <= 6.0.13 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-63710MEDIUMThe send_message.php endpoint in SourceCodester Simple Public Chat Room 1.0 is vulnerable to Cross-Site Request Forgery (CSRF). The applicatEPSS 0.1%CVE-2025-70899MEDIUMPHPgurukul Online Course Registration v3.1 lacks Cross-Site Request Forgery (CSRF) protection on all administrative forms. An attacker can pEPSS 0.1%CVE-2025-23989HIGHWordPress Internal Link Builder plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%