Weaknesses of type CWE-352
5,724 resultsCVE-2023-46778MEDIUMWordPress Auto Limit Posts Reloaded Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-49621HIGHWordPress APA Register Newsletter Form plugin <= 1.0.0 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2023-51378MEDIUMWordPress Rise Blocks Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-54430MEDIUMWordPress EELV Newsletter plugin <= 4.8.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-5897MEDIUMCross-Site Request Forgery (CSRF) in pkp/customLocaleEPSS 0.2%CVE-2022-38075MEDIUMWordPress Mantenimiento web plugin <= 0.13 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)EPSS 0.2%CVE-2025-0810HIGHRead More & Accordion <= 3.4.7 - Cross-Site Request Forgery to Local File InclusionEPSS 0.2%CVE-2023-23671HIGHWordPress Layer Slider Plugin <= 1.1.9.7 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-25170MEDIUMPrestaShop has possible CSRF token fixationEPSS 0.2%CVE-2023-51358MEDIUMWordPress Block IPs for Gravity Forms Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-11342MEDIUMSkt NURCaptcha <= 3.5.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2024-4312MEDIUMSoccer Engine – Soccer Plugin for WordPress <= 1.12 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-4082MEDIUMJoli FAQ SEO – WordPress FAQ Plugin <= 1.3.2 - Cross-Site Request ForgeryEPSS 0.2%CVE-2022-1607MEDIUMCross Site Scripting vulnerability in NE843 Pulsar Plus ControllerEPSS 0.2%CVE-2024-2110MEDIUMEvents Manager <= 6.4.7.1 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-1954MEDIUMOliver POS – A WooCommerce Point of Sale (POS) <= 2.4.1.8 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-45270MEDIUMWordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Hero image selection featEPSS 0.2%CVE-2024-4463MEDIUMSquelch Tabs and Accordions Shortcodes <= 0.4.7 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-7850MEDIUMBP Profile Search <= 5.7.5 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2024-11444MEDIUMCLUEVO LMS, E-Learning Platform <= 1.13.2 - Cross-Site Request Forgery to Module DeletionEPSS 0.2%