Weaknesses of type CWE-352
5,740 resultsCVE-2025-54694MEDIUMWordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-8905MEDIUMOsiris Signature Banner <= 0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'prepend_text' ParameterEPSS 0.1%CVE-2025-31583HIGHWordPress WP Copy Media URL plugin <= 2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31585HIGHWordPress Leadfox for WordPress plugin <= 2.1.9 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-13982HIGHLogin Time Restriction - Moderately critical - Cross-Site Request Forgery - SA-CONTRIB-2025-120EPSS 0.1%CVE-2025-26931HIGHWordPress Tribulant Gallery Voting plugin <= 1.2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31570HIGHWordPress Related Posts Widget with Thumbnails plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31566HIGHWordPress Rio Video Gallery plugin <= 2.3.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-26768HIGHWordPress what3words Address Field plugin <= 4.0.15 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-54671MEDIUMWordPress oik plugin <= 4.15.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-9719MEDIUMLatePoint <= 5.6.0 - Cross-Site Request Forgery via invoices__change_status ActionEPSS 0.1%CVE-2025-31449HIGHWordPress The Visitor Counter plugin <= 1.4.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-7533MEDIUMEasy Digital Downloads <= 3.6.7 - Cross-Site Request Forgery to Payment Account Hijacking via 'square_tokens' ParameterEPSS 0.1%CVE-2025-30981MEDIUMWordPress WP-Recall plugin <= 16.26.14 - CSRF to Privilege Escalation vulnerabilityEPSS 0.1%CVE-2025-23502HIGHWordPress Curated Search plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-64117MEDIUMTuleap missing CSRF protection in the management of SVN commit rules and immutable tagsEPSS 0.1%CVE-2025-57918HIGHWordPress LinkedInclude Plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-26759HIGHWordPress Content Snippet Manager plugin <= 1.1.5 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28974HIGHWordPress Free WP Mail SMTP plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2024-0392MEDIUMCross-Site Request Forgery (CSRF) in WSO2 Enterprise Integrator 6.6.0 Management Console Due to Missing CSRF Token ValidationEPSS 0.1%