Weaknesses of type CWE-352
5,740 resultsCVE-2025-30986MEDIUMWordPress Elite Video Player plugin <= 10.0.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2018-25152MEDIUMEcessa Edge EV150 10.7.4 Cross-Site Request Forgery via User ConfigurationEPSS 0.1%CVE-2025-10311MEDIUMComment Info Detector <= 1.0.5 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-53263MEDIUMWordPress Address Autocomplete via Google for Gravity Forms plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-25137MEDIUMWordPress Social Links plugin <= 1.0.11 - Stored Cross-Site Scripting vulnerabilityEPSS 0.1%CVE-2018-25150MEDIUMEcessa ShieldLink SL175EHQ 10.7.4 Cross-Site Request Forgery via User ConfigurationEPSS 0.1%CVE-2025-64482MEDIUMTuleap missing CSRF protections in the File Release SystemEPSS 0.1%CVE-2026-8425MEDIUMNotify Odoo <= 1.0.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2024-45161MEDIUMA CSRF issue was discovered in the administrative web GUI in Blu-Castle BCUM221E 1.0.0P220507. This can be exploited via a URL, an image loaEPSS 0.1%CVE-2025-54673MEDIUMWordPress Chartify plugin <= 3.5.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31569HIGHWordPress wordpress related Posts with thumbnails plugin <= 3.0.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-60164HIGHWordPress NewsmanApp plugin <= 2.7.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-28964HIGHWordPress Personal Favicon plugin <= 2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-54674MEDIUMWordPress Product Configurator for WooCommerce Plugin plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-54672MEDIUMWordPress Photo Engine Plugin plugin <= 6.4.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-50847MEDIUMCross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a user's comparison list via a crafteEPSS 0.1%CVE-2025-28950HIGHWordPress Post Author plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-56400HIGHCross-Site Request Forgery (CSRF) vulnerability in the OAuth implementation of the Tuya SDK 6.5.0 for Android and iOS, affects the Tuya SmarEPSS 0.1%CVE-2025-12172MEDIUMMailchimp List Subscribe Form <= 2.0.0 - Cross-Site Request Forgery to Mailchimp List ChangeEPSS 0.1%CVE-2025-58259HIGHWordPress Nokri Theme <= 1.6.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%