Weaknesses of type CWE-352
5,725 resultsCVE-2024-50466MEDIUMWordPress DarkMySite – Advanced Dark Mode Plugin for WordPress plugin <= 1.2.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23537HIGHWordPress add custom google tag manager plugin <= 1.0.3 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2024-28666MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.phpEPSS 0.2%CVE-2025-23508HIGHWordPress Extra Options – Favicons plugin <= 1.1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-31086HIGHWordPress Change default login logo,url and title plugin <= 2.0 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2025-23499HIGHWordPress Board Election plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-23800HIGHWordPress OrangeBox plugin <= 3.0.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23501HIGHWordPress Cookie Consent & Autoblock for GDPR/CCPA plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-13444MEDIUMwp-greet <= 6.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-23560HIGHWordPress Web Testimonials plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23558HIGHWordPress Geotagged Media plugin <= 0.3.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-51156MEDIUM07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component 'erp.07fly.net:80/admin/SysNotifyUser/del.htEPSS 0.2%CVE-2025-23424HIGHWordPress Marquee Style RSS News Ticker plugin <= 3.2.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-39019MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/idcProData_deal.php?mudi=delEPSS 0.2%CVE-2025-23497HIGHWordPress Simple Project Manager plugin <= 1.2.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-23513HIGHWordPress Bible Embed plugin <= 0.0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-5185MEDIUMSummer Pearl Group Vacation Rental Management Platform cross-site request forgeryEPSS 0.2%CVE-2025-6670HIGHCross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin ServicesEPSS 0.2%CVE-2025-8103MEDIUMWPeMatico RSS Feed Fetcher <= 2.8.7 - Cross-Site Request Forgery to Plugin Deactivation via handle_feedback_submission FunctionEPSS 0.2%CVE-2015-20117MEDIUMRealtyScript 4.0.2 Cross-Site Request Forgery Unauthorized User CreationEPSS 0.2%