Weaknesses of type CWE-352

5,728 results
CVE-2023-39159MEDIUMWordPress Fraud Prevention For Woocommerce Plugin <= 2.1.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-31402HIGHWordPress NewsBoard Post and RSS Scroller plugin <= 1.2.12 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37240MEDIUMWordPress Falang multilanguage for WordPress plugin <= 1.3.51 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31399HIGHWordPress CG Scroll To Top plugin <= 3.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37493MEDIUMWordPress Posterity theme <= 3.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32479HIGHWordPress Flags Widget plugin <= 1.0.7 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-31383HIGHWordPress FrescoChat Live Chat plugin <= 3.2.6 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2023-25697MEDIUMWordPress GamiPress plugin <= 2.5.6 - CSRF Leading to Settings Change VulnerabilityEPSS 0.2%CVE-2026-1785MEDIUMCode Snippets <= 3.9.4 - Cross-Site Request Forgery to Cloud Snippet Download/Update ActionsEPSS 0.2%CVE-2026-1075MEDIUMZT Captcha <= 1.0.4 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2025-31026HIGHWordPress Comment Validation Reloaded plugin <= 0.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-12279MEDIUMWP Social AutoConnect <= 4.6.2 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2024-37467MEDIUMWordPress Hestia theme <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31382HIGHWordPress Language Field plugin <= 0.9 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-35554MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=del&dataType=newsWEPSS 0.2%CVE-2024-37491MEDIUMWordPress Rife Free theme <= 2.4.18 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-38762MEDIUMWordPress Event Tickets and Registration plugin <= 5.11.0.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-38765MEDIUMWordPress Oceanic theme <= 1.0.48 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-39158MEDIUMWordPress Woocommerce Category Banner Management Plugin <= 2.4.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-32477HIGHWordPress WP-Easy Menu plugin <= 0.41 - CSRF to Stored XSS vulnerabilityEPSS 0.2%