Weaknesses of type CWE-352

5,740 results
CVE-2025-58800MEDIUMWordPress WP Email Template plugin <= 2.8.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-58675MEDIUMWordPress Interact: Embed A Quiz On Your Site Plugin <= 3.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-31906HIGHWordPress WP Profitshare Plugin <= 1.4.9 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-60113MEDIUMWordPress Groovy Menu Plugin <= 1.4.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-57895MEDIUMWordPress JobWP Plugin <= 2.4.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-28761HIGHCross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a useEPSS 0.1%CVE-2025-58032MEDIUMWordPress WP Compiler Plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-48318MEDIUMWordPress 多说社会化评论框 plugin <= 1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.1%CVE-2025-48310MEDIUMWordPress Table Editor plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-57893MEDIUMWordPress WP Fast Total Search Plugin <= 1.79.270 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-52769MEDIUMWordPress flexo-social-gallery Plugin <= 1.0006 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-43748HIGHInsufficient CSRF protection for omni-administrator users in Liferay Portal 7.0.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.EPSS 0.1%CVE-2026-4071MEDIUMBirdSeed <= 2.2.0 - Cross-Site Request Forgery via BirdSeed Token ChangeEPSS 0.1%CVE-2025-58802MEDIUMWordPress TrustMate.io – WooCommerce integration plugin <= 1.16.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-47517HIGHWordPress Accept Donations with PayPal plugin <= 1.4.5 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2024-4128LOWCSRF in firebase-tools emulator suiteEPSS 0.1%CVE-2025-31623HIGHWordPress Rich Text Editor plugin <= 1.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-27332HIGHWordPress Smart Maintenance & Countdown Plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-54682MEDIUMWordPress Connector for Gravity Forms and Google Sheets Plugin plugin <= 1.2.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-60145MEDIUMWordPress Lenix scss compiler Plugin <= 1.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%