Weaknesses of type CWE-352
5,740 resultsCVE-2026-24542MEDIUMWordPress WP Term Order plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-0658MEDIUMFive Star Restaurant Reservations < 2.7.9 - Arbitrary Bookings Deletion via CSRFEPSS 0.1%CVE-2025-14165MEDIUMKirim.Email WooCommerce Integration <= 1.2.9 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-24596MEDIUMWordPress Related Posts Thumbnails plugin for WordPress plugin <= 4.3.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-14160MEDIUMUpcoming for Calendly <= 1.2.4 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-20704MEDIUMCross-site request forgery vulnerability exists in ELECOM wireless LAN products. If a user accesses a malicious page while logged-in to the EPSS 0.1%CVE-2025-5925MEDIUMBunny’s Print CSS <= 0.95 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-14454MEDIUMImage Slider by Ays- Responsive Slider and Carousel <= 2.7.0 - Cross-Site Request Forgery to Arbitrary Slider DeletionEPSS 0.1%CVE-2025-5924MEDIUMWP Firebase Push Notification <= 1.2.0 - Cross-Site Request Forgery to Broadcast NotificationEPSS 0.1%CVE-2025-14158MEDIUMCoding Blocks <= 1.1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-13144MEDIUMContentStudio <= 1.3.7 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-14163MEDIUMPremium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template'EPSS 0.1%CVE-2025-59428MEDIUMEspoCRM allows arbitrary user creation via stored SVG injection and CSRFEPSS 0.1%CVE-2026-24549MEDIUMWordPress GeoDirectory plugin <= 2.8.149 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-13684MEDIUMARK Related Posts <= 2.19 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-7047MEDIUMFrontend User Notes <= 2.1.1 - Cross-Site Request Forgery to Note Content Modification via 'confirmEdit' ActionEPSS 0.1%CVE-2025-49977MEDIUMWordPress WP Inventory Manager plugin <= 2.3.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2018-25354MEDIUMJoomla Component jomres 9.11.2 Cross-Site Request ForgeryEPSS 0.1%CVE-2018-25343MEDIUMSmartshop 1 Cross-Site Request Forgery via editprofile.phpEPSS 0.1%CVE-2025-49972MEDIUMWordPress TM Replace Howdy plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%