Weaknesses of type CWE-352

5,742 results
CVE-2025-4189MEDIUMAudio Comments Plugin <= 1.0.4 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-62962HIGHWordPress CloudSearch plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-55046HIGHMuraCMS through 10.1.10 contains a CSRF vulnerability that allows attackers to permanently destroy all deleted content stored in the trash sEPSS 0.1%CVE-2025-11976MEDIUMFuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) <= 1.1.23.0 - Cross-Site Request Forgery to Sync Rule CreationEPSS 0.1%CVE-2026-8902MEDIUMAJAX Report Comments <= 2.0.4 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-47684MEDIUMWordPress Smaily for WP plugin <= 3.1.7 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-9618MEDIUMRelated Posts Lite <= 1.12 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-10376MEDIUMCourse Redirects for Learndash Plugin <= 0.4 - Cross-Site Request ForgeryEPSS 0.1%CVE-2026-8904MEDIUMFastPicker, an order picker and order management system (oms) for WooCommerce on steroids <= 1.0.2 - Cross-Site Request Forgery via Settings SaveEPSS 0.1%CVE-2025-13521MEDIUMWP Status Notifier <= 1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-64760MEDIUMTuleap has missing CSRF protections in its tracker trigger management systemEPSS 0.1%CVE-2025-59112MEDIUMCross-Site Request Forgery in Windu CMSEPSS 0.1%CVE-2025-9944MEDIUMProfessional Contact Form <= 1.0.0 - Cross-Site Request Forgery to Test Email SendingEPSS 0.1%CVE-2025-59114MEDIUMCross-Site Request Forgery in Windu CMSEPSS 0.1%CVE-2025-59894HIGHCross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise ServerEPSS 0.1%CVE-2025-48342MEDIUMWordPress Dynamic Pricing & Discounts Lite for WooCommerce plugin <= 2.0.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31616HIGHWordPress Varnish WordPress plugin <= 1.7 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-54702MEDIUMWordPress Ebook Store Plugin plugin <= 5.8013 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-31458HIGHWordPress Video Embedder plugin <= 1.7.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31444HIGHWordPress ShowTime Slideshow plugin <= 1.6 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%