Weaknesses of type CWE-352

5,737 results
CVE-2025-48153HIGHWordPress Import CDN-Remote Images plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-46508HIGHWordPress Advanced lazy load plugin <= 1.6.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-46506HIGHWordPress WpZon – Amazon Affiliate Plugin plugin <= 1.3 - CSRF to XSS vulnerabilityEPSS 0.1%CVE-2025-27321HIGHWordPress Blightly Explorer plugin <= 2.3.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28948HIGHWordPress Mediabay - WordPress Media Library Folders plugin <= 1.4 - CSRF to Reflected XSS vulnerabilityEPSS 0.1%CVE-2024-35648MEDIUMWordPress Emergency Password Reset plugin <= 8.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-53219MEDIUMWordPress WP-Database-Optimizer-Tools Plugin <= 0.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-58818MEDIUMWordPress Developer Tools Blocker Plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-13205MEDIUMSurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity <= 2.5.2 - Cross-Site Request Forgery to Survey CloningEPSS 0.1%CVE-2025-59892HIGHCross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise ServerEPSS 0.1%CVE-2025-58801MEDIUMWordPress Responder Plugin <= 4.3.8 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-46466HIGHWordPress Modern Polls plugin <= 1.0.10 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-12406MEDIUMProject Honey Pot Spam Trap <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-46450HIGHWordPress occupancyplan plugin <= 1.0.3.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-1087MEDIUMThe Guardian News Feed <= 1.2 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-6062MEDIUMYougler Blogger Profile Page <= v1.01 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-14168MEDIUMWP DB Booster <= 1.0.1 - Cross-Site Request Forgery to Database CleanupEPSS 0.1%CVE-2025-49391MEDIUMWordPress Sign-up Sheets Plugin <= 2.3.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-22800LOWPILOS affected by a CSRF via GET request allows unintentional termination of all active video conferencesEPSS 0.1%CVE-2025-5936MEDIUMVR Calendar <= 2.4.7 - Cross-Site Request Forgery to Calendar SyncEPSS 0.1%