Weaknesses of type CWE-352

5,738 results
CVE-2024-13338MEDIUMWebcraftic Clearfy – WordPress optimization plugin <= 2.3.1 - Cross-Site Request Forgery to Clear CacheEPSS 0.1%CVE-2025-24549HIGHWordPress Post Meta plugin <= 1.0.9 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-9881MEDIUMUltimate Blogroll <= 2.5.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-26545HIGHWordPress Related Posts Line-up-Exactly by Milliard plugin <= 0.0.22 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-59480MEDIUMInadequate validation of SSO redirect credentials permits credential theftEPSS 0.1%CVE-2025-30965MEDIUMWordPress WPJobBoard plugin < 5.11.1 - Multiple Cross Site Request Forgery (CSRF) vulnerabilities vulnerabilityEPSS 0.1%CVE-2025-9883MEDIUMBrowser Sniff <= 2.3 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-26549HIGHWordPress WP Html Page Sitemap plugin <= 2.2 - CSRF to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-25160HIGHWordPress Style Tweaker plugin <= 0.11 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-12586MEDIUMConditional Maintenance Mode for WordPress <= 1.0.0 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-7688MEDIUMAdd User Meta <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-9882MEDIUMosTicket WP Bridge <= 1.9.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-26543HIGHWordPress Simple Responsive Menu plugin <= 2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-63953MEDIUMA Cross-Site Request Forgery (CSRF) in the /usapi?method=add-user component of Magewell Pro Convert v1.2.213 allows attackers to arbitrarilyEPSS 0.1%CVE-2024-45983MEDIUMA Cross-Site Request Forgery (CSRF) vulnerability exists in kishan0725's Hospital Management System version 6.3.5. The vulnerability allows EPSS 0.1%CVE-2025-26580HIGHWordPress Page/Post Specific Social Share Buttons plugin <= 2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-26578HIGHWordPress Simple Documentation plugin <= 1.2.8 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-26572HIGHWordPress WP PHPList Plugin <= 1.7 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-15377MEDIUMSosh Share Buttons <= 1.1.0 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-46436MEDIUMWordPress SCSS-Library plugin <= 0.4.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%