Weaknesses of type CWE-352

5,743 results
CVE-2025-58202MEDIUMWordPress Simple Page Access Restriction Plugin <= 1.0.32 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-57892MEDIUMWordPress Simple Statistics for Feeds Plugin <= 20250322 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-27003MEDIUMWordPress Quick Paypal Payments Plugin <= 5.7.46 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-57885MEDIUMWordPress Fluent Support Plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-54286HIGHCSRF Vulnerability When Using Client Certificate Authentication with the LXD-UIEPSS 0.1%CVE-2025-8119MEDIUMCross-Site Request Forgery in PAD CMSEPSS 0.1%CVE-2026-8906MEDIUMWP Promoter <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'popup_width' ParameterEPSS 0.1%CVE-2025-54728MEDIUMWordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-54732MEDIUMWordPress WPDM – Premium Packages Plugin <= 6.0.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-58865MEDIUMWordPress Compact Admin plugin <= 1.3.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-58809HIGHWordPress To Lead For Salesforce Plugin <= 2.7.3.9 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-48320HIGHWordPress 百度分享按钮 plugin <= 1.0.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-64357MEDIUMWordPress Advanced Database Cleaner plugin <= 3.1.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-58849HIGHWordPress Hide Real Download Path Plugin <= 1.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-58677HIGHWordPress ShrinkTheWeb (STW) Website Previews Plugin <= 2.8.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-48359HIGHWordPress ATT YouTube Widget plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-58688HIGHWordPress Casengo Live Chat Support Plugin <= 2.1.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-12413MEDIUMSocial Media WPCF7 Stop Words <= 1.1.3 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-58845HIGHWordPress Bulk Watermark Plugin <= 1.6.10 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-48325HIGHWordPress WP Admin Theme plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%