Weaknesses of type CWE-352
5,733 resultsCVE-2025-49283MEDIUMWordPress Anti-spam, Spam protection, ReCaptcha for all forms and GDPR-compliant plugin <= 4.1.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-4966MEDIUMWP Online Users Stats <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via hk_dataset_results FunctionEPSS 0.1%CVE-2026-8938MEDIUMauto making JSON-LD <= 4.5.3 - Cross-Site Request Forgery to Plugin Certification Settings via Nonce Validation BypassEPSS 0.1%CVE-2025-27360MEDIUMWordPress Quick Event Calendar plugin <= 1.4.9 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-47594MEDIUMWordPress Soccer Live Scores <= 1.0.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-8941MEDIUMCDN Linker lite <= 1.3.1 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2026-24574MEDIUMWordPress Export WP Page to Static HTML/CSS plugin <= 6.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-27340MEDIUMWordPress F12-Profiler Plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-46231MEDIUMWordPress affiliate-toolkit plugin <= 3.7.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-48111MEDIUMWordPress YITH PayPal Express Checkout for WooCommerce plugin <= 1.49.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-14354MEDIUMResource Library for Logged In Users <= 1.5 - Cross-Site Request Forgery to Multiple Administrative ActionsEPSS 0.1%CVE-2025-49317MEDIUMWordPress WP Page Loading plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-47551MEDIUMWordPress Wiki Embed plugin <= 1.4.6 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.1%CVE-2025-39442HIGHWordPress Review Wave – Google Places Reviews plugin <= 1.4.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-66529MEDIUMWordPress Chartify plugin <= 3.6.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-28931HIGHWordPress WordPress Hashtags plugin <= 0.3.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-27277HIGHWordPress Add Linked Images To Gallery plugin <= 1.4 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-32546HIGHWordPress All push notification for WP Plugin <= 1.5.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-32655HIGHWordPress Restrict User Registration plugin <= 1.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39417HIGHWordPress Redirect wordpress to welcome or landing page plugin <= 2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%