Weaknesses of type CWE-352
5,733 resultsCVE-2025-11954HIGHCSRF in Sitemio's WISECPEPSS 0.2%CVE-2024-37426MEDIUMWordPress Elegant Pink theme 1.3.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-53720HIGHWordPress WP-ISPConfig 3 plugin <= 1.5.6 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-11341MEDIUMSimple Redirection <= 1.5 - Cross-Site Request Forgery to Arbitrary Site RedirectEPSS 0.2%CVE-2025-54256HIGHDreamweaver Desktop | Cross-Site Request Forgery (CSRF) (CWE-352)EPSS 0.2%CVE-2024-53722HIGHWordPress Favicon My Blog plugin <= 1.0.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-53717HIGHWordPress yPHPlista plugin <= 1.1.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-50036MEDIUMWordPress Mailing Group Listserv plugin <= 3.0.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-53726HIGHWordPress RealtyCandy IDX Broker Extended plugin <= 1.5.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-53727HIGHWordPress LinkLaunder SEO plugin <= 0.92.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-7369MEDIUMShortcodes Ultimate <= 7.4.2 - Cross-Site Request Forgery to Arbitrary Shortcode ExecutionEPSS 0.2%CVE-2021-27701MEDIUMSOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi wifi portal. The application does not contaEPSS 0.2%CVE-2024-52477HIGHWordPress Document & Data Automation plugin <= 1.6.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-53719HIGHWordPress Zajax – Ajax Navigation plugin <= 0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-56229MEDIUMWordPress SearchIQ plugin <= 4.6 - Cross-Site Requst Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-27589MEDIUMCaddy vulnerable to cross-origin config application via local admin API /load (caddy)EPSS 0.2%CVE-2024-53716HIGHWordPress wp auto top plugin <= 2.9.3 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-28954HIGHWordPress Backwp plugin <= 2.0.2 - CSRF to Arbitrary File Deletion vulnerabilityEPSS 0.2%CVE-2025-23708HIGHWordPress DF Draggable plugin <= 1.13.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-22202MEDIUMwpDiscuz before 7.6.47 - Destructive GET Action Deletes All Comments by EmailEPSS 0.2%