Fallos del tipo CWE-352
5724 resultadosCVE-2023-44994MEDIUMWordPress ShortCodes UI Plugin <= 1.9.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45011MEDIUMWordPress WP Power Stats Plugin <= 2.2.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-24738MEDIUMWordPress Call Now Button plugin <= 1.4.13 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-45606MEDIUMWordPress Simple URLs Plugin <= 120 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-46781MEDIUMWordPress Current Menu Item for Custom Post Types Plugin <= 1.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-31923MEDIUMWordPress Feather Login Page plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-41131MEDIUMWordPress Sp*tify Play Button for WordPress Plugin <= 2.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-32107MEDIUMWordPress Finale Lite plugin <= 2.18.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-45748MEDIUMWordPress MailChimp Forms by MailMunch Plugin <= 3.1.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-41850MEDIUMWordPress Outbound Link Manager Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45639MEDIUMWordPress Sort SearchResult By Title Plugin <= 10.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45107MEDIUMWordPress GoodBarber Plugin <= 1.0.22 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-38390MEDIUMWordPress Mobile Address Bar Changer Plugin <= 3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-8489HIGHCSRF due to overly permissive CORS headers in modelscope/agentscopeEPSS 0.2%CVE-2023-41244MEDIUMWordPress Localize Remote Images Plugin <= 1.0.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-25489MEDIUMWordPress Update Theme and Plugins from Zip File Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-3083HIGHA “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrativeEPSS 0.2%CVE-2023-40671MEDIUMWordPress DX-auto-save-images Plugin <= 1.4.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-22291MEDIUMWordPress Browser Theme Color Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-41669MEDIUMWordPress Live News Plugin <= 1.06 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%