Weaknesses of type CWE-352
5,737 resultsCVE-2025-9616MEDIUMPopAd <= 1.0.4 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-25072HIGHWordPress WP Admin Custom Page plugin <= 1.5.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-25125HIGHWordPress Fyrebox Quizzes plugin <= 3.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-44186MEDIUMSourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery (CSRF) in /admin/Operation/User.php page.EPSS 0.1%CVE-2025-49510MEDIUMWordPress Min Max Step Quantity Limits Manager for WooCommerce plugin <= 5.1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2024-57159LOW07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.html.EPSS 0.1%CVE-2024-46872MEDIUMClient-Side Path Traversal Leading to CSRF in PlaybooksEPSS 0.1%CVE-2025-31572MEDIUMWordPress Multi Days Events and Multi Events in One Day Calendar plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-57934MEDIUMWordPress LWS Affiliation Plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-13990MEDIUMMamurjor Employee Info <= 1.0.0 - Cross-Site Request Forgery to Arbitrary Employee and Related Data ManipulationEPSS 0.1%CVE-2026-32755MEDIUMAdmidio is Missing CSRF Protection on Role Membership Date ChangesEPSS 0.1%CVE-2025-57927MEDIUMWordPress Dashboard Notepad Plugin <= 1.42 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-12070MEDIUMViaAds <= 2.1.2 - Cross-Site Request Forgery to API Key UpdateEPSS 0.1%CVE-2025-26926MEDIUMWordPress Booknetic plugin <= 4.0.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-22669MEDIUMWordPress Awesome Event Booking plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-9884MEDIUMMobile Site Redirect <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2024-57611LOW07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/doAdminAction.php?act=editShop&shopId.EPSS 0.1%CVE-2025-9632MEDIUMPhpList Subber <= 1.1 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-57930MEDIUMWordPress Double the Donation Plugin <= 2.0.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-57915MEDIUMWordPress TOCHAT.BE Plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%