Weaknesses of type CWE-352
5,728 resultsCVE-2024-54388HIGHWordPress Multiple Admin Emails plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-35109MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /homePro_deal.php?mudi=add&nohrefStr=close.EPSS 0.2%CVE-2026-14016MEDIUMInappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafteEPSS 0.2%CVE-2025-32494MEDIUMWordPress reCAPTCHA Jetpack plugin <= 0.2.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2026-11195MEDIUMInappropriate implementation in MHTML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in spEPSS 0.2%CVE-2024-13555MEDIUM1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Cross-Site Request Forgery to Backup Process CancellationEPSS 0.2%CVE-2024-40886MEDIUMOne-click Client-Side Path Traversal Leading to CSRF in User Management admin pageEPSS 0.2%CVE-2025-32485MEDIUMWordPress WP Performance Pack plugin <= 2.5.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-54397HIGHWordPress Go Animate plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-7862MEDIUMBlog Introduction <= 0.3.0 - Settings Update via CSRFEPSS 0.2%CVE-2025-39546MEDIUMWordPress ElementsReady Addons for Elementor plugin <= 6.6.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-39517MEDIUMWordPress Basic Interactive World Map plugin <= 2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2024-54401HIGHWordPress Advanced Fancybox plugin <= 1.1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-64138MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Start Windocks Containers Plugin 1.4 and earlier allows attackers to connect toEPSS 0.2%CVE-2025-64141MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Task Runner Plugin 0.9.2 and earlier allows attackers to connect to an atEPSS 0.2%CVE-2024-54404HIGHWordPress MDC Comment Toolbar plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54391HIGHWordPress WordPress Filter plugin <= 1.4.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54399HIGHWordPress CRUDLab Google Plus Button plugin <= 1.0.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54394HIGHWordPress Mandrill WP plugin <= 1.0.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54400HIGHWordPress AppMaps plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%