Fallos del tipo CWE-352

5729 resultados
CVE-2024-54440HIGHWordPress WP-Ban-User plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54428HIGHWordPress Add image to Post plugin <= 0.6 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54435HIGHWordPress Onlywire Multi Autosubmitter plugin <= 1.2.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-12545MEDIUMScratch & Win – Giveaways and Contests <= 2.7.1 - Cross-Site Request Forgery via reset_installation FunctionEPSS 0.2%CVE-2024-54427HIGHWordPress Category of Posts plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54405HIGHWordPress ECT Social Share plugin <= 1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-4543MEDIUMSnippet Shortcodes <= 4.1.4 - Cross-Site Request ForgeryEPSS 0.2%CVE-2026-33373HIGHAn issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A Cross-Site Request Forgery (CSRF) vulnerability exists in Zimbra Web EPSS 0.2%CVE-2024-54439HIGHWordPress Amazon Product Price plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-1912MEDIUMCategorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxUpdateFolderPositionEPSS 0.2%CVE-2024-0847MEDIUM5280 Bootstrap Modal Contact Form <= 1.0 - Cross-Site Request Forgery to Bulk Delete MessagesEPSS 0.2%CVE-2024-1909MEDIUMCategorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxRenameCategoryEPSS 0.2%CVE-2023-32104MEDIUMWordPress MyCurator Content Curation Plugin <= 3.74 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2026-13952MEDIUMInappropriate implementation in PerformanceAPIs in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data EPSS 0.2%CVE-2024-27974MEDIUMCross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remEPSS 0.2%CVE-2025-61930HIGHEmlog Pro has CSRF issue that Enables Admin Password ResetEPSS 0.2%CVE-2024-33691MEDIUMWordPress Popup Builder by OptinMonster plugin <= 2.15.3 - Cross Site Request Forgery (CSRF) Notice Dismissal vulnerabilityEPSS 0.2%CVE-2024-42603MEDIUMPligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=clearallEPSS 0.2%CVE-2024-33677MEDIUMWordPress Contact Form 7 Extension For Mailchimp plugin <= 0.5.70 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-13946MEDIUMInappropriate implementation in ScriptInjections in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origEPSS 0.2%