Fallos del tipo CWE-352

5718 resultados
CVE-2024-45987MEDIUMProjectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via voter.php. This vulnerability allows anEPSS 0.2%CVE-2022-38468MEDIUMWordPress NextGEN Gallery Plugin <= 3.28 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-2508MEDIUMCSRF in PaperCutNG Mobility Print leads to sophisticated phishingEPSS 0.2%CVE-2024-31382MEDIUMWordPress Blocksy theme <= 2.0.22 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-8736HIGHDenial of Service (DoS) via Multipart Boundary in parisneo/lollms-webuiEPSS 0.2%CVE-2023-40172MEDIUMCross-Site Request Forgery (CSRF) in fobybus/social-media-skeletonEPSS 0.2%CVE-2023-23983MEDIUMWordPress Responsive Vertical Icon Menu Plugin <= 1.5.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-7202MEDIUMFatal Error Notify < 1.5.3 - Subscriber+ Test Error Email SendingEPSS 0.2%CVE-2024-37940HIGHWordPress Seraphinite Accelerator (Full, premium) plugin <= 2.21.13 - CSRF Leading to Arbitrary File Deletion vulnerabilityEPSS 0.2%CVE-2024-42793MEDIUMA Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System v1.0 via a crafted request to the /music/ajEPSS 0.2%CVE-2024-10906HIGHCross-Site Request Forgery (CSRF) in eosphoros-ai/db-gptEPSS 0.2%CVE-2023-6788MEDIUMMetform Elementor Contact Form Builder <= 3.8.1 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-3064HIGHWPFront User Role Editor <= 4.2.1 - Cross-Site Request Forgery to Privilege Escalation via whitelist_options FunctionEPSS 0.2%CVE-2024-8026HIGHCSRF due to overly permissive CORS headers in netease-youdao/qanythingEPSS 0.2%CVE-2023-44237MEDIUMWordPress WP Site Protector Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-25106CRITICALWordPress Starter Templates by FancyWP plugin <= 2.0.0 - CSRF to Arbitrary Plugin Installation vulnerabilityEPSS 0.2%CVE-2023-50861MEDIUMWordPress HUSKY plugin <= 1.3.4.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-37991MEDIUMWordPress WP Emoji One Plugin <= 0.6.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-52123MEDIUMWordPress Strong Testimonials Plugin <= 3.1.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-44246MEDIUMWordPress Shockingly Simple Favicon Plugin <= 1.8.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%