Weaknesses of type CWE-352

5,719 results
CVE-2022-45364MEDIUMWordPress Drag and Drop Multiple File Upload – Contact Form 7 Plugin <= 1.3.6.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-27424MEDIUMWordPress Inactive User Deleter Plugin <= 1.59 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-4938MEDIUMWCFM Frontend Manager <= 6.5.13 - Cross-Site Request ForgeryEPSS 0.2%CVE-2022-41633MEDIUMWordPress Community by PeepSo Plugin <= 6.0.2.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-25709MEDIUMWordPress Locatoraid Store Locator Plugin <= 3.9.11 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-33974MEDIUMWordPress Custom Twitter Feeds (Tweets Widget) Plugin <= 1.8.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-6520MEDIUMWP 2FA – Two-factor authentication for WordPress <= 2.5.0 - Cross-Site Request ForgeryEPSS 0.2%CVE-2023-33926HIGHWordPress Easy Google Maps Plugin <= 1.11.7 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-35774MEDIUMWordPress LWS Tools Plugin <= 2.4.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-33316MEDIUMWordPress WooCommerce Follow-Up Emails (AutomateWoo) plugin <= 4.9.40 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-25411MEDIUMAten PE8108 2.4.232 is vulnerable to Cross Site Request Forgery (CSRF).EPSS 0.2%CVE-2024-56206HIGHWordPress gap-hub-user-role. plugin <= 3.4.1 - CSRF to Broken Authentication vulnerabilityEPSS 0.2%CVE-2023-25973MEDIUMWordPress Auto Affiliate Links Plugin <= 6.3.0.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-38716MEDIUMWordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-35096MEDIUMWordPress myCred Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-25698MEDIUMWordPress Shoppable Images Lite Plugin <= 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-25448MEDIUMWordPress Archivist – Custom Archive Templates Plugin <= 1.7.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-25467MEDIUMWordPress Resize at Upload Plus Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-40455LOWAn arbitrary file deletion vulnerability in ThinkSAAS v3.7 allows attackers to delete arbitrary files via a crafted request.EPSS 0.2%CVE-2026-6455HIGHWP Contact Form 7 DB Handler <= 3.0 - Cross-Site Request Forgery to Arbitrary File Deletion via 'contact_form' ParameterEPSS 0.2%