Weaknesses of type CWE-352
5,740 resultsCVE-2025-53219MEDIUMWordPress WP-Database-Optimizer-Tools Plugin <= 0.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-46507HIGHWordPress Unsafe Mimetypes plugin <= 0.1.4 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-58801MEDIUMWordPress Responder Plugin <= 4.3.8 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-27321HIGHWordPress Blightly Explorer plugin <= 2.3.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2024-35648MEDIUMWordPress Emergency Password Reset plugin <= 8.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-58430HIGHlistmonk Vulnerable to CSRF to XSS Chain That Can Lead to Admin Account TakeoverEPSS 0.1%CVE-2025-27009HIGHWordPress My auctions allegro plugin <= 3.6.33 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-28981HIGHWordPress WP Mail Options plugin <= 0.2.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-67472MEDIUMWordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-28966HIGHWordPress Recent Posts Slider Responsive plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-12406MEDIUMProject Honey Pot Spam Trap <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-52463LOWCross-site request forgery vulnerability exists in Active! mail 6 BuildInfo: 6.60.06008562 and earlier. If this vulnerability is exploited, EPSS 0.1%CVE-2025-12404MEDIUMLike-it <= 2.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-7686MEDIUMweichuncai(WP伪春菜) <= 1.5 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-13205MEDIUMSurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity <= 2.5.2 - Cross-Site Request Forgery to Survey CloningEPSS 0.1%CVE-2025-58818MEDIUMWordPress Developer Tools Blocker Plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-1086MEDIUMFont Pairing Preview For Landing Pages <= 1.3 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-30756MEDIUMVulnerability in Oracle REST Data Services (component: General). The supported version that is affected is 24.2.0. Easily exploitable vulnEPSS 0.1%CVE-2025-14168MEDIUMWP DB Booster <= 1.0.1 - Cross-Site Request Forgery to Database CleanupEPSS 0.1%CVE-2026-22800LOWPILOS affected by a CSRF via GET request allows unintentional termination of all active video conferencesEPSS 0.1%