Weaknesses of type CWE-352

5,740 results
CVE-2026-27518MEDIUMBinardat 10G08-0800GSM Network Switch CSRFEPSS 0.1%CVE-2025-67598MEDIUMWordPress SupportCandy plugin <= 3.4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-67591MEDIUMWordPress JNews Paywall plugin < 12.0.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-39671HIGHWordPress Extra Fees Plugin for WooCommerce plugin <= 4.3.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-67593MEDIUMWordPress UsersWP plugin <= 1.2.48 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-67590MEDIUMWordPress Ultimate FAQ plugin <= 2.4.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-14999MEDIUMLatest Tabs <= 1.5 - Cross-Site Request Forgery to Plugin's Settings UpdateEPSS 0.1%CVE-2025-67596MEDIUMWordPress Business Directory plugin <= 6.4.19 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-27513MEDIUMTenda F3 CSRF in Web Management InterfaceEPSS 0.1%CVE-2026-8944MEDIUMPlugin for Google Analytics by IO technologies <= 1.1 - Cross-Site Request Forgery via 'ga_id' ParameterEPSS 0.1%CVE-2026-12002MEDIUMSmash Balloon Social Photo Feed – Easy Social Feeds Plugin <= 6.11.1 - Cross-Site Request Forgery to oEmbed Access Token Overwrite via 'sbi_access_token' ParameterEPSS 0.1%CVE-2025-36411LOWMultiple vulnerabilities found in IBM ApplinX.EPSS 0.1%CVE-2025-66097MEDIUMWordPress I Order Terms plugin <= 1.5.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-26075MEDIUMCross-Site Request Forgery (CSRF) in FastGPTEPSS 0.1%CVE-2026-57298MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackeEPSS 0.1%CVE-2025-69021MEDIUMWordPress Popup box plugin <= 6.0.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-14734MEDIUMAmazon affiliate lite Plugin <= 1.0.0 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2026-40764HIGHWordPress Contact Form by WPForms plugin <= 1.10.0.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-13134MEDIUMAuthorSure <= 2.3 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2026-57292MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows attackers to connect to aEPSS 0.1%