Weaknesses of type CWE-352
5,738 resultsCVE-2025-58272LOWCross-site request forgery vulnerability exists in Web Caster V130 versions 1.08 and earlier. If a logged-in user views a malicious page creEPSS 0.1%CVE-2025-58865MEDIUMWordPress Compact Admin plugin <= 1.3.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-27003MEDIUMWordPress Quick Paypal Payments Plugin <= 5.7.46 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-8907MEDIUMWP-Ultimate-Map <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'zoom-level' ParameterEPSS 0.1%CVE-2025-54286HIGHCSRF Vulnerability When Using Client Certificate Authentication with the LXD-UIEPSS 0.1%CVE-2025-49040MEDIUMWordPress Backup Bolt plugin <= 1.5.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-8119MEDIUMCross-Site Request Forgery in PAD CMSEPSS 0.1%CVE-2026-15080MEDIUMRay Enterprise Translation - Moderately critical - Cross site request forgery - SA-CONTRIB-2026-071EPSS 0.1%CVE-2026-8906MEDIUMWP Promoter <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'popup_width' ParameterEPSS 0.1%CVE-2025-58202MEDIUMWordPress Simple Page Access Restriction Plugin <= 1.0.32 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-58809HIGHWordPress To Lead For Salesforce Plugin <= 2.7.3.9 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-58687HIGHWordPress Current Age Plugin Plugin <= 1.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-58853HIGHWordPress Popping Sidebars and Widgets Light Plugin <= 1.27 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-54529LOWIn JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integrationEPSS 0.1%CVE-2025-58854HIGHWordPress Ultimate AJAX Login Plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-8140HIGHConcrete CMS 9.5.0 and below is vulnerable to CSRF on download() in the package install controllerEPSS 0.1%CVE-2025-48320HIGHWordPress 百度分享按钮 plugin <= 1.0.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-58807HIGHWordPress Purge Varnish Cache Plugin <= 2.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-48321HIGHWordPress Ultimate twitter profile widget plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-58844HIGHWordPress Database to Excel Plugin <= 1.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%