Weaknesses of type CWE-352
5,740 resultsCVE-2026-25014MEDIUMWordPress Enter Addons plugin <= 2.3.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-27090MEDIUMWordPress Kenta Companion plugin <= 1.3.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-57657MEDIUMWordPress Gmail SMTP plugin <= 1.2.3.19 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-53444MEDIUMWordPress Userpro plugin < 5.1.11 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-67646LOWTableProgressTracking's missing CSRF protection allows unauthorized state changesEPSS 0.1%CVE-2025-62133MEDIUMWordPress FormFacade plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-53344MEDIUMWordPress Thim Core Plugin <= 2.3.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-3211MEDIUMTheme Negotiation by Rules - Moderately critical - Cross-site request forgery - SA-CONTRIB-2026-012EPSS 0.1%CVE-2026-1128MEDIUMWP eCommerce <= 3.15.1 - Coupon Deletion via CSRFEPSS 0.1%CVE-2026-30498MEDIUMA Cross-Site Request Forgery (CSRF) vulnerability was discovered in the delete.php endpoint of Jason2605 AdminPanel 4.0.EPSS 0.1%CVE-2026-24384MEDIUMWordPress Merge + Minify + Refresh plugin <= 2.14 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-68082MEDIUMWordPress Semrush Content Toolkit plugin <= 1.1.32 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-39710MEDIUMWordPress RT-Theme 18 | Extensions plugin <= 2.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-24374MEDIUMWordPress RegistrationMagic plugin <= 6.0.6.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-32456MEDIUMWordPress Admin Menu Editor plugin <= 1.14.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-68601MEDIUMWordPress Five Star Restaurant Reservations plugin <= 2.7.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-67622HIGHWordPress Evergreen Post Tweeter plugin <= 1.8.9 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-13243MEDIUMSalesforce Suite - Moderately critical - Cross-site request forgery - SA-CONTRIB-2026-063EPSS 0.1%CVE-2025-68083MEDIUMWordPress Meks Quick Plugin Disabler plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-24365MEDIUMWordPress Stock Manager for WooCommerce plugin < 3.6.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%