Weaknesses of type CWE-352
5,733 resultsCVE-2025-39414HIGHWordPress spam-stopper plugin <= 3.1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39441HIGHWordPress Dashboard Notepads plugin <= 1.2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-32655HIGHWordPress Restrict User Registration plugin <= 1.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39433HIGHWordPress Bknewsticker plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-28933HIGHWordPress MaxA/B plugin <= 2.2.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28925HIGHWordPress WATI Chat and Notification plugin <= 1.1.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-66529MEDIUMWordPress Chartify plugin <= 3.6.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-28923HIGHWordPress No Disposable Email plugin <= 2.5.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-8903MEDIUMTwo-factor authentication (formerly IP Vault) <= 2.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-14159MEDIUMSecure Copy Content Protection and Content Locking <= 4.9.2 - Cross-Site Request Forgery to Data ExportEPSS 0.1%CVE-2025-39430HIGHWordPress mLanguage plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-39435HIGHWordPress My Marginalia plugin <= 1.0.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39419HIGHWordPress Revision Diet plugin <= 1.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-59132MEDIUMWordPress Duplicate Content Cure plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-39440HIGHWordPress Broken Links Remover plugin <= 1.2.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39455HIGHWordPress IP2Location Variables plugin <= 2.9.5 - CSRF to Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-39415HIGHWordPress Social Media Links plugin <= 1.0.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28931HIGHWordPress WordPress Hashtags plugin <= 0.3.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-58831MEDIUMWordPress Parallax Scrolling Enllax.js Plugin <= 0.0.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-5923MEDIUMPoly Voice – Potential Unauthorized Modification of WebUI using CSRF AttackEPSS 0.1%