Weaknesses of type CWE-352
5,728 resultsCVE-2025-31779MEDIUMWordPress Query Wrangler plugin <= 1.5.54 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31399HIGHWordPress CG Scroll To Top plugin <= 3.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37493MEDIUMWordPress Posterity theme <= 3.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31393HIGHWordPress Social Bookmarking RELOADED plugin <= 3.18 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2018-25127MEDIUMSOCA Access Control System 180612 Cross-Site Request Forgery via Admin InterfaceEPSS 0.2%CVE-2025-32250MEDIUMWordPress Rollbar plugin <= 2.7.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-39159MEDIUMWordPress Fraud Prevention For Woocommerce Plugin <= 2.1.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-31026HIGHWordPress Comment Validation Reloaded plugin <= 0.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-31395HIGHWordPress Easy Custom CSS plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54401HIGHWordPress Advanced Fancybox plugin <= 1.1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-7862MEDIUMBlog Introduction <= 0.3.0 - Settings Update via CSRFEPSS 0.2%CVE-2024-54400HIGHWordPress AppMaps plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-39628MEDIUMWordPress Ninja Forms plugin <= 3.8.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-54394HIGHWordPress Mandrill WP plugin <= 1.0.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-32485MEDIUMWordPress WP Performance Pack plugin <= 2.5.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-54397HIGHWordPress Go Animate plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54388HIGHWordPress Multiple Admin Emails plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-12288MEDIUMSimple add pages or posts <= 2.0.0 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2024-54389HIGHWordPress addWeather plugin <= 2.5.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54398HIGHWordPress Flaming Forms plugin <= 1.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%