Weaknesses of type CWE-352
5,733 resultsCVE-2025-54674MEDIUMWordPress Product Configurator for WooCommerce Plugin plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-26543HIGHWordPress Simple Responsive Menu plugin <= 2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-57918HIGHWordPress LinkedInclude Plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-31569HIGHWordPress wordpress related Posts with thumbnails plugin <= 3.0.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28974HIGHWordPress Free WP Mail SMTP plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-30981MEDIUMWordPress WP-Recall plugin <= 16.26.14 - CSRF to Privilege Escalation vulnerabilityEPSS 0.1%CVE-2025-26547HIGHWordPress My Login Logout Plugin plugin <= 2.4 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.1%CVE-2025-26577HIGHWordPress DX-auto-publish plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31449HIGHWordPress The Visitor Counter plugin <= 1.4.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-26578HIGHWordPress Simple Documentation plugin <= 1.2.8 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31583HIGHWordPress WP Copy Media URL plugin <= 2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31570HIGHWordPress Related Posts Widget with Thumbnails plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31585HIGHWordPress Leadfox for WordPress plugin <= 2.1.9 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-26580HIGHWordPress Page/Post Specific Social Share Buttons plugin <= 2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-12172MEDIUMMailchimp List Subscribe Form <= 2.0.0 - Cross-Site Request Forgery to Mailchimp List ChangeEPSS 0.1%CVE-2025-26549HIGHWordPress WP Html Page Sitemap plugin <= 2.2 - CSRF to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-60164HIGHWordPress NewsmanApp plugin <= 2.7.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-26768HIGHWordPress what3words Address Field plugin <= 4.0.15 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-23502HIGHWordPress Curated Search plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-64482MEDIUMTuleap missing CSRF protections in the File Release SystemEPSS 0.1%