Weaknesses of type CWE-352
5,739 resultsCVE-2025-58831MEDIUMWordPress Parallax Scrolling Enllax.js Plugin <= 0.0.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-63060MEDIUMWordPress KALLYAS theme < 4.25.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2024-13710MEDIUMEstatebud – Properties & Listings <= 5.5.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-23985MEDIUMWordPress Dynamic URL SEO plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2019-25250MEDIUMDevolo dLAN 500 AV Wireless+ 3.1.0-1 Cross-Site Request ForgeryEPSS 0.1%CVE-2026-9618MEDIUMPeachPay <= 1.120.46 - Cross-Site Request Forgery to Stripe UnlinkEPSS 0.1%CVE-2025-0807MEDIUMCITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts <= 4.2 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-24533MEDIUMWordPress MetaSlider plugin <= 3.92.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-13606MEDIUMExport All Posts, Products, Orders, Refunds & Users <= 2.19 - Cross-Site Request Forgery to Sensitive Information ExposureEPSS 0.1%CVE-2026-29839HIGHDedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability in /sys_task_add.php.EPSS 0.1%CVE-2024-13682MEDIUMWallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction <= 2.6.2 - Cross-Site Request ForgeryEPSS 0.1%CVE-2016-20083MEDIUMWordPress More Fields Plugin 2.1 Cross-Site Request ForgeryEPSS 0.1%CVE-2019-25247MEDIUMBeward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin VulnerabilityEPSS 0.1%CVE-2025-0990MEDIUMI Am Gloria <= 1.1.4 - Cross-Site Request ForgeryEPSS 0.1%CVE-2018-25298MEDIUMMerge PACS 7.0 Cross-Site Request Forgery via merge-viewerEPSS 0.1%CVE-2026-40471CRITICALHackage CSRF vulnerabilityEPSS 0.1%CVE-2025-25156HIGHWordPress Quote Comments plugin <= 3.0.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-25153HIGHWordPress Simple Auto Tag plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-12412MEDIUMTop Bar Notification <= 1.12 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-25152HIGHWordPress Smart DoFollow plugin <= 1.0.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%