Weaknesses of type CWE-352
5,738 resultsCVE-2025-8481MEDIUMBlog Designer For Elementor – Post Slider, Post Carousel, Post Grid <= 1.1.7 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-7839MEDIUMRestore Permanently delete Post or Page Data <= 1.0 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-9896MEDIUMHidePost <= 2.3.8 - Cross-Site Request ForgeryEPSS 0.1%CVE-2026-45773MEDIUMTurborepo: Login callback CSRF/session fixationEPSS 0.1%CVE-2026-8942MEDIUMMetaMagic SEO Plugin <= 1.6 - Cross-Site Request Forgery to Plugin Settings Update via Settings PageEPSS 0.1%CVE-2025-10376MEDIUMCourse Redirects for Learndash Plugin <= 0.4 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-55046HIGHMuraCMS through 10.1.10 contains a CSRF vulnerability that allows attackers to permanently destroy all deleted content stored in the trash sEPSS 0.1%CVE-2026-1085MEDIUMTrue Ranker <= 2.2.9 - Cross-Site Request Forgery to Unauthorized True Ranker DisconnectionEPSS 0.1%CVE-2026-57723HIGHWordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.12 - CSRF to Arbitrary File Deletion vulnerabilityEPSS 0.1%CVE-2025-59894HIGHCross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise ServerEPSS 0.1%CVE-2025-9944MEDIUMProfessional Contact Form <= 1.0.0 - Cross-Site Request Forgery to Test Email SendingEPSS 0.1%CVE-2025-48344MEDIUMWordPress Rootspersona plugin <= 3.7.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-9885MEDIUMMPWizard – Create Mercado Pago Payment Links <= 1.2.1 - Cross-Site Request Forgery to Arbitrary Post DeletionEPSS 0.1%CVE-2025-13521MEDIUMWP Status Notifier <= 1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-54174MEDIUMCross-Site Request Forgery in QuickCMSEPSS 0.1%CVE-2025-54702MEDIUMWordPress Ebook Store Plugin plugin <= 5.8013 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-31460HIGHWordPress OmniLeads Scripts and Tags Manager plugin <= 1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31440HIGHWordPress Terms of Use plugin <= 2.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31443HIGHWordPress KK I Like It plugin <= 1.7.5.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31459HIGHWordPress Login Alert plugin <= 0.2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%