Weaknesses of type CWE-352
5,743 resultsCVE-2025-64288MEDIUMWordPress Premmerce plugin <= 1.3.19 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62957HIGHWordPress NikanWP WooCommerce Reporting plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-6063MEDIUMXiSearch bar <= 2.6 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-64286MEDIUMWordPress WP Rentals theme <= 3.13.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-41074HIGHRT has broken CSRF protection for authenticated usersEPSS 0.1%CVE-2025-6064MEDIUMWP URL Shortener <= 1.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2026-31849HIGHMissing CSRF Protection on Administrative Endpoints in Nexxt Nebula 300+EPSS 0.1%CVE-2026-22880MEDIUMMobile SSO authentication flow allows credential theft via malicious serverEPSS 0.1%CVE-2025-6055MEDIUMZen Sticky Social <= 0.3 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-48144HIGHWordPress Import Export For WooCommerce plugin <= 1.6.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-46514HIGHWordPress Milat jQuery Automatic Popup plugin <= 1.3.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-47685HIGHWordPress Contribuinte Checkout plugin <= 2.0.03 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-53338HIGHWordPress re.place plugin <= 0.2.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-48083HIGHWordPress wpNamedUsers plugin <= 0.5 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-46512HIGHWordPress Custom Functions Plugin plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-52791HIGHWordPress Knowledge Base – Knowledge Base Maker plugin <= 1.1.8 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-49425HIGHWordPress Konami Easter Egg plugin <= v0.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-58975MEDIUMWordPress Advanced Settings Plugin <= 3.1.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-14462MEDIUMLucky Draw Contests <= 4.2 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2026-49043MEDIUMWordPress WP Migrate Lite plugin <= 2.7.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%