Weaknesses of type CWE-352
5,740 resultsCVE-2025-49353HIGHWordPress Noindex by Path plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-68885HIGHWordPress Custom Post Status plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-49354HIGHWordPress Recent Posts From Each Category plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-40841MEDIUMEricsson Indoor Connect 8855 - Cross-Site Request Forgery VulnerabilityEPSS 0.1%CVE-2025-31957LOWHCL BigFix Service Management (SM) is affected by a Cross‑Site Request Forgery (CSRF) vulnerability.EPSS 0.1%CVE-2025-66595MEDIUMA vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
This product is
vulnerable to Cross-Site Request EPSS 0.1%CVE-2026-25024MEDIUMWordPress ThirstyAffiliates plugin <= 3.11.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62134MEDIUMWordPress Contact Form Widget plugin <= 1.5.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-39633MEDIUMWordPress Grand Car Rental theme <= 3.6.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-27050MEDIUMWordPress RealPress plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-24986MEDIUMWordPress Simple Membership WP user Import plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62120MEDIUMWordPress OpenHook plugin <= 4.3.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-27415MEDIUMWordPress BEAR plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-2324MEDIUMLatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.7 - Cross-Site Request Forgery in Booking Form Settings Update to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-62117MEDIUMWordPress EasyIndex plugin <= 1.1.1704 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-57758HIGHWordPress Permalink Manager for WooCommerce plugin <= 1.0.8.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-49344HIGHWordPress SensitiveTagCloud plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-49342HIGHWordPress Custom Style plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-57761HIGHWordPress SEOWP theme <= 3.12.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-49345HIGHWordPress WP-EasyArchives plugin <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%