Weaknesses of type CWE-352
5,738 resultsCVE-2025-31458HIGHWordPress Video Embedder plugin <= 1.7.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-39632MEDIUMWordPress Grand Blog theme <= 3.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31440HIGHWordPress Terms of Use plugin <= 2.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31616HIGHWordPress Varnish WordPress plugin <= 1.7 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31922HIGHWordPress CSS3 Accordions for WordPress plugin <= 3.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31613HIGHWordPress AB Google Map Travel plugin <= 4.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-57635MEDIUMWordPress FunnelKit Payment Gateway for Stripe WooCommerce plugin <= 1.14.0.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62005HIGHWordPress SUMO Memberships for WooCommerce plugin < 7.8.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-27659MEDIUMCSRF vulnerability in UpdateAccessControlPolicyActiveStatus endpointEPSS 0.1%CVE-2025-14976MEDIUMUser Registration & Membership <= 4.4.8 - Cross-Site Request Forgery to Arbitrary Post DeletionEPSS 0.1%CVE-2025-31459HIGHWordPress Login Alert plugin <= 0.2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31444HIGHWordPress ShowTime Slideshow plugin <= 1.6 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-13365MEDIUMWP Hallo Welt <= 1.4. - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2026-34382MEDIUMAdmidio: Missing CSRF Protection on Custom List Deletion in mylist_function.phpEPSS 0.1%CVE-2025-54703MEDIUMWordPress Integrate Google Drive plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-49396HIGHNezha Monitoring: Cross-site GET request can trigger stored cron commands on a victim's agentsEPSS 0.1%CVE-2025-10691MEDIUMEasy Email Subscription <= 1.3 - Cross-Site Request Forgery to Arbitrary Subscriber DeletionEPSS 0.1%CVE-2025-12069MEDIUMWP Global Screen Options <= 0.2 - Cross-Site Request Forgery to Screen Options UpdateEPSS 0.1%CVE-2025-58848HIGHWordPress WP likes Plugin <= 3.1.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-34904HIGHWordPress Simple Social Media Share Buttons plugin <= 6.2.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%