Weaknesses of type CWE-352
5,738 resultsCVE-2025-47684MEDIUMWordPress Smaily for WP plugin <= 3.1.7 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-1508MEDIUMCourt Reservation < 1.10.9 - Event Deletion via CSRFEPSS 0.1%CVE-2025-62123MEDIUMWordPress WP Gmail SMTP plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-55046HIGHMuraCMS through 10.1.10 contains a CSRF vulnerability that allows attackers to permanently destroy all deleted content stored in the trash sEPSS 0.1%CVE-2025-9894MEDIUMSync Feedly <= 1.0.1 - Cross-Site Request Forgery to Sync TriggerEPSS 0.1%CVE-2025-10301MEDIUMFunKItools <= 1.0.2 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-62962HIGHWordPress CloudSearch plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62101MEDIUMWordPress Pardakht Delkhah plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-14846MEDIUMSocialChamp with WordPress <= 1.3.5 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2026-56024MEDIUMWordPress WP EasyPay plugin <= 4.5.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-59114MEDIUMCross-Site Request Forgery in Windu CMSEPSS 0.1%CVE-2025-9944MEDIUMProfessional Contact Form <= 1.0.0 - Cross-Site Request Forgery to Test Email SendingEPSS 0.1%CVE-2025-9898MEDIUMcForms – Light speed fast Form Builder <= 3.0.0 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-4189MEDIUMAudio Comments Plugin <= 1.0.4 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2026-57747MEDIUMWordPress Booked plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-9897MEDIUMAP Background <= 3.8.2 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-62113MEDIUMWordPress Co-marquage service-public.fr plugin <= 0.5.77 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-1455MEDIUMWhatsiplus Scheduled Notification for Woocommerce <= 1.0.1 - Cross-Site Request Forgery to 'wsnfw_save_users_settings' AJAX ActionEPSS 0.1%CVE-2025-48328MEDIUMWordPress Real Time Validation for Gravity Forms plugin <= 1.7.0 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.1%CVE-2025-47583MEDIUMWordPress Salon booking system plugin <= 10.16 - CSRF to Arbitrary Content Deletion vulnerabilityEPSS 0.1%