Weaknesses of type CWE-352
5,733 resultsCVE-2025-54694MEDIUMWordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-57918HIGHWordPress LinkedInclude Plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-26543HIGHWordPress Simple Responsive Menu plugin <= 2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-12172MEDIUMMailchimp List Subscribe Form <= 2.0.0 - Cross-Site Request Forgery to Mailchimp List ChangeEPSS 0.1%CVE-2025-13982HIGHLogin Time Restriction - Moderately critical - Cross-Site Request Forgery - SA-CONTRIB-2025-120EPSS 0.1%CVE-2025-60164HIGHWordPress NewsmanApp plugin <= 2.7.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-28950HIGHWordPress Post Author plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-26572HIGHWordPress WP PHPList Plugin <= 1.7 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-54671MEDIUMWordPress oik plugin <= 4.15.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-26580HIGHWordPress Page/Post Specific Social Share Buttons plugin <= 2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31449HIGHWordPress The Visitor Counter plugin <= 1.4.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-64117MEDIUMTuleap missing CSRF protection in the management of SVN commit rules and immutable tagsEPSS 0.1%CVE-2025-26577HIGHWordPress DX-auto-publish plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-8425MEDIUMNotify Odoo <= 1.0.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-26759HIGHWordPress Content Snippet Manager plugin <= 1.1.5 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-48483MEDIUMFreeScout Stored XSS leads to CSRFEPSS 0.1%CVE-2024-13512MEDIUMWonder FontAwesome <= 0.8 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2018-25170HIGHDoceboLMS 1.2 SQL Injection via lesson.phpEPSS 0.1%CVE-2024-13521MEDIUMMailUp Auto Subscription <= 1.1.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2024-56017HIGHWordPress Stop Registration Spam Plugin <= 1.23 - CSRF to Stored XSS vulnerabilityEPSS 0.1%