Weaknesses of type CWE-352
5,733 resultsCVE-2018-25150MEDIUMEcessa ShieldLink SL175EHQ 10.7.4 Cross-Site Request Forgery via User ConfigurationEPSS 0.1%CVE-2025-63952MEDIUMA Cross-Site Request Forgery (CSRF) in the /mwapi?method=add-user component of Magewell Pro Convert v1.2.213 allows attackers to arbitrarilyEPSS 0.1%CVE-2025-49440MEDIUMWordPress WP Security Master plugin <= 1.0.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-62009MEDIUMWordPress UPC/EAN/GTIN Code Generator plugin <= 2.0.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31600MEDIUMWordPress DesignO plugin <= 2.6.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-10311MEDIUMComment Info Detector <= 1.0.5 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-0811MEDIUMAdvanced CF7 DB <= 2.0.9 - Cross-Site Request Forgery to Form Entry DeletionEPSS 0.1%CVE-2025-31474MEDIUMWordPress WP Database Optimizer plugin <= 1.2.1.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-46498MEDIUMWordPress Zalo Official Live Chat plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-47466MEDIUMWordPress Ultimate WP Mail plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-31456MEDIUMWordPress Ultimate Security Checker plugin <= 4.2 - Cross Site Request Forgery (CSRF) to Security Rescan vulnerabilityEPSS 0.1%CVE-2025-64117MEDIUMTuleap missing CSRF protection in the management of SVN commit rules and immutable tagsEPSS 0.1%CVE-2025-26550HIGHWordPress Global Meta Keyword & Description plugin <= 2.3 - CSRF to Cross-Site Scripting vulnerabilityEPSS 0.1%CVE-2025-31583HIGHWordPress WP Copy Media URL plugin <= 2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-12172MEDIUMMailchimp List Subscribe Form <= 2.0.0 - Cross-Site Request Forgery to Mailchimp List ChangeEPSS 0.1%CVE-2025-23502HIGHWordPress Curated Search plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-54674MEDIUMWordPress Product Configurator for WooCommerce Plugin plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-64482MEDIUMTuleap missing CSRF protections in the File Release SystemEPSS 0.1%CVE-2025-28964HIGHWordPress Personal Favicon plugin <= 2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31566HIGHWordPress Rio Video Gallery plugin <= 2.3.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%