Weaknesses of type CWE-352
5,703 resultsCVE-2023-28694MEDIUMWordPress Wbcom Designs – BuddyPress Activity Social Share Plugin <= 3.5.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-48913MEDIUMHono vulnerable to bypass of CSRF Middleware by a request without Content-Type header.EPSS 0.3%CVE-2022-33201MEDIUMWordPress MailerLite – Signup forms (official) plugin <= 1.5.7 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2023-2717MEDIUMGroundhogg <= 2.7.9.8 - Cross-Site Request Forgery to Disable All PluginsEPSS 0.3%CVE-2024-0830MEDIUMComments Extra Fields For Post,Pages and CPT <= 5.0 - Cross-Site Request ForgeryEPSS 0.3%CVE-2023-24395MEDIUMWordPress Contact Form 7 Redirect & Thank You Page Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-23993MEDIUMWordPress IP Blocker Lite Plugin <= 11.1.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-31088MEDIUMWordPress Floating Action Button Plugin <=1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-26542MEDIUMWordPress phpinfo() WP Plugin <= 4.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-34171MEDIUMWordPress WP Report Post Plugin <= 2.1.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-34025MEDIUMWordPress LWS Hide Login Plugin <= 2.1.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-1642MEDIUMMainWP Dashboard <= 4.6.0.1 - Cross-Site Request Forgery via posting_bulkEPSS 0.3%CVE-2024-22715HIGHStupid Simple CMS <=1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin-edit.php.EPSS 0.3%CVE-2023-30478MEDIUMWordPress Newsletters Plugin <= 4.8.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-28995MEDIUMWordPress Configurable Tag Cloud Plugin <= 5.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-34169MEDIUMWordPress TS Webfonts for さくらのレンタルサーバ Plugin <= 3.1.2 is vulnerable to Broken Access ControlEPSS 0.3%CVE-2023-32745MEDIUMWordPress AutomateWoo Plugin <= 5.7.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-34002MEDIUMWordPress WP Inventory Manager Plugin <= 2.1.0.13 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-26349MEDIUMflusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_translation.phpEPSS 0.3%CVE-2023-32744MEDIUMWordPress WooCommerce Product Recommendations Plugin < 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%