Weaknesses of type CWE-352

5,739 results
CVE-2025-58831MEDIUMWordPress Parallax Scrolling Enllax.js Plugin <= 0.0.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-28933HIGHWordPress MaxA/B plugin <= 2.2.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39423HIGHWordPress Add to Header plugin <= 1.0 - CSRF to XSS vulnerabilityEPSS 0.1%CVE-2025-32546HIGHWordPress All push notification for WP Plugin <= 1.5.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-39441HIGHWordPress Dashboard Notepads plugin <= 1.2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39415HIGHWordPress Social Media Links plugin <= 1.0.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28925HIGHWordPress WATI Chat and Notification plugin <= 1.1.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-28932HIGHWordPress Insert Code plugin <= 2.4 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28900HIGHWordPress TabGarb Pro plugin <= 2.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28901HIGHWordPress Members page only for logged in users plugin <= 1.4.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39431HIGHWordPress Amazon Showcase WordPress Plugin plugin <= 2.2 - CSRF to XSS vulnerabilityEPSS 0.1%CVE-2025-57978MEDIUMWordPress Advanced Appointment Booking & Scheduling plugin <= 2.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-28892HIGHWordPress FTP Sync plugin <= 1.1.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-8903MEDIUMTwo-factor authentication (formerly IP Vault) <= 2.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-39433HIGHWordPress Bknewsticker plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-39414HIGHWordPress spam-stopper plugin <= 3.1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-27277HIGHWordPress Add Linked Images To Gallery plugin <= 1.4 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-24007MEDIUMTuleap is missing CSRF protection in the Overview inconsistent itemsEPSS 0.1%CVE-2025-39435HIGHWordPress My Marginalia plugin <= 1.0.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28891HIGHWordPress price-calc plugin <= 0.6.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%