Weaknesses of type CWE-352
5,733 resultsCVE-2024-56017HIGHWordPress Stop Registration Spam Plugin <= 1.23 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-44347MEDIUMWarpgate: SSO CSRF -- State Token Not Validated on ReturnEPSS 0.1%CVE-2026-20704MEDIUMCross-site request forgery vulnerability exists in ELECOM wireless LAN products. If a user accesses a malicious page while logged-in to the EPSS 0.1%CVE-2026-0658MEDIUMFive Star Restaurant Reservations < 2.7.9 - Arbitrary Bookings Deletion via CSRFEPSS 0.1%CVE-2026-34383MEDIUMAdmidio: CSRF and Form Validation Bypass in Inventory Item Save via `imported` ParameterEPSS 0.1%CVE-2026-24549MEDIUMWordPress GeoDirectory plugin <= 2.8.149 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-5924MEDIUMWP Firebase Push Notification <= 1.2.0 - Cross-Site Request Forgery to Broadcast NotificationEPSS 0.1%CVE-2025-14158MEDIUMCoding Blocks <= 1.1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-28477MEDIUMOpenClaw < 2026.2.14 - OAuth State Validation Bypass in Manual Chutes Login FlowEPSS 0.1%CVE-2025-13684MEDIUMARK Related Posts <= 2.19 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-59428MEDIUMEspoCRM allows arbitrary user creation via stored SVG injection and CSRFEPSS 0.1%CVE-2025-11886MEDIUMCTL Arcade Lite <= 1.0 - Cross-Site Request Forgery to Plugin Activation and DeactivationEPSS 0.1%CVE-2025-34410HIGH1Panel CSRF in Change Username Functionality Allows Account LockoutEPSS 0.1%CVE-2025-5933MEDIUMRD Contacto <= 1.4 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-14165MEDIUMKirim.Email WooCommerce Integration <= 1.2.9 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-31413MEDIUMWordPress Element Pack Elementor Addons plugin <= 8.3.13 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-24542MEDIUMWordPress WP Term Order plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-24521MEDIUMWordPress Kama Thumbnail plugin <= 3.5.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-5925MEDIUMBunny’s Print CSS <= 0.95 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-22359MEDIUMWordPress Wordpress Movies Bulk Importer plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%