Weaknesses of type CWE-352
5,740 resultsCVE-2025-49439MEDIUMWordPress Atelier Create CV plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.1%CVE-2025-39351MEDIUMWordPress Grand Restaurant WordPress theme <= 7.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-1398MEDIUMChange WP URL <= 1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-4143MEDIUMNeos Connector for Fakturama <= 0.0.14 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-14616MEDIUMRecooty <= 1.0.6 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-48265MEDIUMWordPress Year Make Model Search for WooCommerce plugin <= 1.0.11 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.1%CVE-2025-53327MEDIUMWordPress Aioseo Multibyte Descriptions plugin <= 0.0.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-48259MEDIUMWordPress WP Mapa Politico España plugin <= 3.8.0 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.1%CVE-2025-39371MEDIUMWordPress Author Box Plugin With Different Description plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-22030MEDIUMReact Router has CSRF issue in Action/Server Action Request ProcessingEPSS 0.1%CVE-2025-49964MEDIUMWordPress ClipLink plugin <= 1.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-54041MEDIUMWordPress Wallet System for WooCommerce plugin <= 2.6.7 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-1673MEDIUMBEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery to Taxonomy Term DeletionEPSS 0.1%CVE-2025-62739MEDIUMWordPress Add Custom Codes plugin <= 4.80 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-60134MEDIUMWordPress WP Media Categories Plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-62890MEDIUMWordPress Premmerce Brands for WooCommerce plugin <= 1.2.13 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-42923MEDIUMCross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (F4044 Manage Work Center Groups)EPSS 0.1%CVE-2026-7616MEDIUMZawgyi Embed <= 2.1.1 - Cross-Site Request Forgery via 'zawgyi_forceCSS' ParameterEPSS 0.1%CVE-2025-54039MEDIUMWordPress Animator plugin <= 3.0.16 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2024-44293MEDIUMA privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.1. A user may beEPSS 0.1%