Weaknesses of type CWE-352

5,728 results
CVE-2024-37493MEDIUMWordPress Posterity theme <= 3.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37490MEDIUMWordPress Bard theme <= 2.210 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-30856MEDIUMWordPress Custom Field For WP Job Manager plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31383HIGHWordPress FrescoChat Live Chat plugin <= 3.2.6 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-38765MEDIUMWordPress Oceanic theme <= 1.0.48 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31400HIGHWordPress WS Audio Player plugin <= 1.1.8 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-32479HIGHWordPress Flags Widget plugin <= 1.0.7 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-31399HIGHWordPress CG Scroll To Top plugin <= 3.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37508MEDIUMWordPress Construction Landing Page theme <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-39159MEDIUMWordPress Fraud Prevention For Woocommerce Plugin <= 2.1.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-31032HIGHWordPress Pagopar – WooCommerce Gateway plugin <= 2.7.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-1075MEDIUMZT Captcha <= 1.0.4 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2018-25336MEDIUMjCart for OpenCart 2.3.0.2 Cross-Site Request ForgeryEPSS 0.2%CVE-2024-37540MEDIUMWordPress Leaky Paywall plugin <= 4.21.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-39158MEDIUMWordPress Woocommerce Category Banner Management Plugin <= 2.4.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-8891MEDIUMOceanWP <= 4.0.9 - 4.1.1 - Cross-Site Request Forgery to Ocean Extra Plugin InstallationEPSS 0.2%CVE-2023-25697MEDIUMWordPress GamiPress plugin <= 2.5.6 - CSRF Leading to Settings Change VulnerabilityEPSS 0.2%CVE-2024-38751MEDIUMWordPress AdsforWP plugin <= 1.9.28 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-40198MEDIUMWordPress Easy Cookie Law Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-27717MEDIUMCross Site Request Forgery vulnerability in Eskooly Free Online School Management Software v.3.0 and before allows a remote attacker to escaEPSS 0.2%