Weaknesses of type CWE-352
5,721 resultsCVE-2025-3064HIGHWPFront User Role Editor <= 4.2.1 - Cross-Site Request Forgery to Privilege Escalation via whitelist_options FunctionEPSS 0.2%CVE-2024-31382MEDIUMWordPress Blocksy theme <= 2.0.22 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-8026HIGHCSRF due to overly permissive CORS headers in netease-youdao/qanythingEPSS 0.2%CVE-2023-3408MEDIUMBricks <= 1.8.1 - Cross-Site Request Forgery via save_settingsEPSS 0.2%CVE-2023-35913MEDIUMWordPress OOPSpam Anti-Spam Plugin <= 1.1.44 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-50861MEDIUMWordPress HUSKY plugin <= 1.3.4.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-37991MEDIUMWordPress WP Emoji One Plugin <= 0.6.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-44237MEDIUMWordPress WP Site Protector Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-52123MEDIUMWordPress Strong Testimonials Plugin <= 3.1.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-30615CRITICALWordPress WP e-Commerce Style Email plugin <= 0.6.2 - CSRF to Remote Code Execution vulnerabilityEPSS 0.2%CVE-2024-31429MEDIUMWordPress Sarada Lite theme <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-52145MEDIUMWordPress Republish Old Posts Plugin <= 1.21 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-44238MEDIUMWordPress Remove slug from custom post type Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-44243MEDIUMWordPress Instant CSS Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-35091MEDIUMWordPress WooCommerce Stock Manager Plugin <= 2.10.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-1923MEDIUMWP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_remove_cdn_integration_ajax_request_callback'EPSS 0.2%CVE-2023-51522MEDIUMWordPress Paid Membership Subscriptions plugin <= 2.10.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-1926MEDIUMWP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'deleteCacheToolbar'EPSS 0.2%CVE-2023-51407MEDIUMWordPress Split Test For Elementor plugin <= 1.6.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-1925MEDIUMWP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_clear_cache_of_allsites_callback'EPSS 0.2%