Weaknesses of type CWE-352
5,730 resultsCVE-2026-22342HIGHWordPress WordPress Dating Theme theme <= 11.2.0 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerabilityEPSS 0.2%CVE-2024-32550HIGHWordPress BMI Adult & Kid Calculator plugin <= 1.2.1 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2025-58468MEDIUMNotification CenterEPSS 0.2%CVE-2025-23662HIGHWordPress WP Panoramio plugin <= 1.5.0 - CSRF to Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2024-31285HIGHWordPress WordPress Tooltips plugin <= 9.5.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-22552HIGHWordPress Affiliate Disclosure Statement plugin <= 0.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-4328MEDIUMCSRF in clear_personality_files_list in parisneo/lollms-webuiEPSS 0.2%CVE-2024-31105HIGHWordPress Tax Rate Upload plugin <= 2.4.5 - CSRF leading to Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-37469MEDIUMWordPress Blocksy theme <= 1.9.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37938MEDIUMWordPress SociallyViral theme <= 1.0.10 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-36255MEDIUMPost actions can run playbook checklist task commandsEPSS 0.2%CVE-2024-37939MEDIUMWordPress Patricia Lite theme <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-56710HIGHA Cross-Site Request Forgery (CSRF) vulnerability was identified in the Profile Page of the PHPGurukul Student-Result-Management-System-UsinEPSS 0.2%CVE-2025-47491HIGHWordPress Contact Form Widget plugin <= 1.4.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-55922MEDIUMCross-Site Request Forgery in Form Framework Module in TYPO3EPSS 0.2%CVE-2024-0613MEDIUMDelete Custom Fields <= 0.3.1 - Cross-Site Request Forgery to Post Meta DeletionEPSS 0.2%CVE-2024-37923MEDIUMWordPress Cliengo – Chatbot plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37941MEDIUMWordPress Internal Link Juicer: SEO Auto Linker for WordPress plugin <= 2.24.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-11194MEDIUMInappropriate implementation in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crEPSS 0.2%CVE-2024-35673MEDIUMWordPress Pure Chat plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%