Weaknesses of type CWE-352

5,739 results
CVE-2025-62102MEDIUMWordPress DoFollow Case by Case plugin <= 3.5.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62733MEDIUMWordPress Custom Sidebars by ProteusThemes plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-66906MEDIUMCross Site Request Forgery (CSRF) vulnerability in Turms Admin API thru v0.10.0-SNAPSHOT allows attackers to gain escalated privileges.EPSS 0.1%CVE-2026-45610MEDIUMWWBN AVideo plugin/LoginControl/set.json.php: 2FA toggle endpoint has no CSRF protection, letting an attacker page silently disable a logged-in victim's 2FAEPSS 0.1%CVE-2025-64368MEDIUMWordPress Bard theme <= 1.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-57306MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows attackers to coEPSS 0.1%CVE-2026-29521MEDIUMHereta ETH-IMC408M CSRF via Configuration SetupEPSS 0.1%CVE-2026-0493MEDIUMCross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)EPSS 0.1%CVE-2025-53305HIGHWordPress WP Forum Server plugin <= 1.8.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-68580MEDIUMWordPress Advanced Classifieds & Directory Pro plugin <= 3.2.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-58576MEDIUMCross-site request forgery vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and EPSS 0.1%CVE-2023-52212MEDIUMWordPress WP Job Manager plugin <= 2.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-53310HIGHWordPress HidePost plugin <= 2.3.8 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-55758MEDIUMExtension - jdownloads.com - CSRF vectors in jDownloads component 1.0.0 - 4.0.47 for JoomlaEPSS 0.1%CVE-2025-52780HIGHWordPress Logo Manager For Samandehi plugin <= 0.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-53311HIGHWordPress Navayan Subscribe plugin <= 1.13 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-52772HIGHWordPress Virtual Moderator plugin <= 1.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-53313HIGHWordPress Twitch TV Embed Suite plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-53317HIGHWordPress WPShapere Lite plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-48925MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Integration Plugin 0.7.3 and earlier allows attackers to attackers to trEPSS 0.1%