Weaknesses of type CWE-352
5,733 resultsCVE-2025-14468MEDIUMAMP for WP – Accelerated Mobile Pages <= 1.1.9 - Cross-Site Request Forgery to Comment SubmissionEPSS 0.1%CVE-2025-49972MEDIUMWordPress TM Replace Howdy plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-49965MEDIUMWordPress PixelBeds Channel Manager and Hotel Booking Engine plugin <= 1.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2019-25682MEDIUMCMSsite 1.0 Cross-Site Request Forgery via users.phpEPSS 0.1%CVE-2025-14906MEDIUMWP Youtube Video Gallery <= 1.0 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2026-4068MEDIUMAdd Custom Fields to Media <= 2.0.3 - Cross-Site Request Forgery to Custom Field Deletion via 'delete' ParameterEPSS 0.1%CVE-2025-49966MEDIUMWordPress Oganro Travel Portal Search Widget for HotelBeds APITUDE API plugin <= 1.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-49975MEDIUMWordPress JobWP plugin <= 2.4.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-9945MEDIUMOptimize More! – CSS <= 1.0.3 - Cross-Site Request Forgery to Plugin Settings ResetEPSS 0.1%CVE-2018-25354MEDIUMJoomla Component jomres 9.11.2 Cross-Site Request ForgeryEPSS 0.1%CVE-2025-53268MEDIUMWordPress Import external attachments plugin <= 1.5.12 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-53270MEDIUMWordPress CTA plugin <= 1.7.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-53273MEDIUMWordPress Slickstream plugin <= 2.0.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-24897HIGHMisskey CSRF vulnerability due to insecure configuration of authentication cookie attributesEPSS 0.1%CVE-2025-14615HIGHDASHBOARD BUILDER <= 1.5.7 - Cross-Site Request Forgery to SQL InjectionEPSS 0.1%CVE-2025-52795HIGHWordPress WP Front User Submit / Front Editor plugin <= 5.0.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31457MEDIUMWordPress LWS SMS plugin <= 2.4.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-8422MEDIUMRemove meta boxes per user role <= 1.01 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-53193MEDIUMWordPress Burst Statistics plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-22634MEDIUMWordPress Easy Booked Plugin <= 2.4.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%