Weaknesses of type CWE-352
5,740 resultsCVE-2025-46492HIGHWordPress Call Now PHT Blog plugin <= 2.4.1 - CSRF to XSS vulnerabilityEPSS 0.1%CVE-2025-58801MEDIUMWordPress Responder Plugin <= 4.3.8 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-52463LOWCross-site request forgery vulnerability exists in Active! mail 6 BuildInfo: 6.60.06008562 and earlier. If this vulnerability is exploited, EPSS 0.1%CVE-2025-46508HIGHWordPress Advanced lazy load plugin <= 1.6.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-59893HIGHCross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise ServerEPSS 0.1%CVE-2025-46506HIGHWordPress WpZon – Amazon Affiliate Plugin plugin <= 1.3 - CSRF to XSS vulnerabilityEPSS 0.1%CVE-2025-53219MEDIUMWordPress WP-Database-Optimizer-Tools Plugin <= 0.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-28981HIGHWordPress WP Mail Options plugin <= 0.2.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-48238HIGHWordPress AWcode Toolkit plugin <= 1.0.18 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-47514HIGHWordPress ELI's Related Posts Footer Links and Widget plugin <= 1.2.04.20 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-12404MEDIUMLike-it <= 2.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-46457HIGHWordPress Wp Custom CMS Block plugin <= 2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-32922HIGHWordPress WP2LEADS plugin <= 3.5.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-58430HIGHlistmonk Vulnerable to CSRF to XSS Chain That Can Lead to Admin Account TakeoverEPSS 0.1%CVE-2024-35648MEDIUMWordPress Emergency Password Reset plugin <= 8.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-46452HIGHWordPress Google News plugin <= 2.5.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-47648HIGHWordPress Pays – WooCommerce Payment Gateway plugin <= 2.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-28958HIGHWordPress Bg Orthodox Calendar plugin <= 0.13.10 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-27321HIGHWordPress Blightly Explorer plugin <= 2.3.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-46466HIGHWordPress Modern Polls plugin <= 1.0.10 - CSRF to Stored XSS vulnerabilityEPSS 0.1%