Weaknesses of type CWE-352

5,725 results
CVE-2025-31840MEDIUMWordPress Simple Fixed Notice Plugin <= 1.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-30534MEDIUMWordPress Image Captcha plugin <= 1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2024-31936MEDIUMWordPress UsersWP plugin < 1.2.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23821HIGHWordPress WP Cookies Alert plugin <= 1.1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-31784MEDIUMWordPress Embed Extended – Embed Maps, Videos, Websites, Source Codes, and more Plugin <= 1.4.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31763MEDIUMWordPress Cache control by Cacholong Plugin <= 5.4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23810HIGHWordPress Len Slider Plugin <= 2.0.11 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-33681HIGHWordPress Regenerate post permalink plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) leading to XSS vulnerabilityEPSS 0.2%CVE-2025-30535MEDIUMWordPress External image replace plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2025-23842HIGHWordPress WordPress Gallery Plugin plugin <= 1.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-30538MEDIUMWordPress Simple Optimizer plugin <= 1.2.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23483HIGHWordPress Universal Analytics Injector plugin <= 1.0.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-31434MEDIUMWordPress Newsletter plugin <= 8.0.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31769MEDIUMWordPress CLP – Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-30541MEDIUMWordPress Info Boxes Shortcode And Widgets plugin <= 1.15 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-30556MEDIUMWordPress Fix Rss Feeds plugin <= 3.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23471HIGHWordPress ECT Add to Cart Button plugin <= 1.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-30816MEDIUMWordPress publish post email notification plugin <= 1.0.2.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2025-30863MEDIUMWordPress Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.0.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23895HIGHWordPress Add RSS plugin <= 1.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%