Weaknesses of type CWE-352
5,733 resultsCVE-2025-39416HIGHWordPress translit it! plugin <= 1.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-59132MEDIUMWordPress Duplicate Content Cure plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-39424HIGHWordPress Simple Maps plugin <= 0.98 - CSRF to XSS vulnerabilityEPSS 0.1%CVE-2025-32655HIGHWordPress Restrict User Registration plugin <= 1.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-5923MEDIUMPoly Voice – Potential Unauthorized Modification of WebUI using CSRF AttackEPSS 0.1%CVE-2025-32546HIGHWordPress All push notification for WP Plugin <= 1.5.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-54675MEDIUMWordPress YITH WooCommerce Popup Plugin plugin <= 1.48.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-28891HIGHWordPress price-calc plugin <= 0.6.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-66529MEDIUMWordPress Chartify plugin <= 3.6.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-14159MEDIUMSecure Copy Content Protection and Content Locking <= 4.9.2 - Cross-Site Request Forgery to Data ExportEPSS 0.1%CVE-2025-66531MEDIUMWordPress Salon booking system plugin <= 10.30.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-28883HIGHWordPress WP Compare Tables plugin <= 1.0.5 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28932HIGHWordPress Insert Code plugin <= 2.4 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39435HIGHWordPress My Marginalia plugin <= 1.0.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-32545HIGHWordPress WooCommerce Products without featured images Plugin <= 0.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-57978MEDIUMWordPress Advanced Appointment Booking & Scheduling plugin <= 2.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-39414HIGHWordPress spam-stopper plugin <= 3.1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28923HIGHWordPress No Disposable Email plugin <= 2.5.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39441HIGHWordPress Dashboard Notepads plugin <= 1.2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39417HIGHWordPress Redirect wordpress to welcome or landing page plugin <= 2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%