Fallos del tipo CWE-352

5717 resultados
CVE-2024-29009MEDIUMCross-site request forgery (CSRF) vulnerability in easy-popup-show all versions allows a remote unauthenticated attacker to hijack the autheEPSS 0.2%CVE-2024-37227MEDIUMWordPress Newsletters plugin <= 4.9.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-32966MEDIUMWordPress Jazz Popups Plugin <= 1.8.7 is vulnerable to Cross Site Request Forgery (CSRF) leading to Stored XSSEPSS 0.2%CVE-2025-34133HIGHWimi Teamwork < v7.38.17 CSRFEPSS 0.2%CVE-2023-23899MEDIUMWordPress Extensions For CF7 Plugin <= 2.0.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-22700MEDIUMWordPress PixelYourSite – Your smart PIXEL (TAG) Manager Plugin <= 9.3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-47612MEDIUMWordPress Participants Database Plugin <= 2.4.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-34816MEDIUMWordPress WPCal.io plugin <= 0.9.5.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-24388MEDIUMWordPress Booking calendar, Appointment Booking System Plugin <= 3.2.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-5033MEDIUMXiaoBingby TeaCMS addUser cross-site request forgeryEPSS 0.2%CVE-2024-43787MEDIUMHono CSRF middleware can be bypassed using crafted Content-Type headerEPSS 0.2%CVE-2023-23865MEDIUMWordPress Stripe Payments For WooCommerce by Checkout Plugin <= 1.4.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-47179MEDIUMWordPress OWM Weather Plugin <= 5.6.11 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-47148MEDIUMWordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.2.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2020-36908MEDIUMSecure Computing SnapGear Management Console SG560 3.1.5 Cross-Site Request Forgery via Admin UsersEPSS 0.2%CVE-2025-43745MEDIUMA CSRF vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.7, 2025.Q1.0 through 2025.Q1.14, 2EPSS 0.2%CVE-2022-41805MEDIUMWordPress Booster for WooCommerce plugin <= 5.6.6 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2022-3024MEDIUMSimple Bitcoin Faucets <= 1.7.0 - Unauthorised AJAX Call to Stored XSSEPSS 0.2%CVE-2024-22155MEDIUMWordPress WooCommerce plugin <= 8.5.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2022-45804MEDIUMWordPress Robo Gallery Plugin <= 3.2.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%