Fallos del tipo CWE-352
5731 resultadosCVE-2024-12555MEDIUMSIP Calculator <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-23424HIGHWordPress Marquee Style RSS News Ticker plugin <= 3.2.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-31093HIGHWordPress Broken Images plugin <= 0.2 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2025-23513HIGHWordPress Bible Embed plugin <= 0.0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-6670HIGHCross-Site Request Forgery (CSRF) in Multiple WSO2 Products via HTTP GET in Admin ServicesEPSS 0.2%CVE-2024-29773HIGHWordPress BizPrint plugin <= 4.5.5 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2025-21489MEDIUMVulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Region Mapping). Supported versions EPSS 0.2%CVE-2024-51156MEDIUM07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component 'erp.07fly.net:80/admin/SysNotifyUser/del.htEPSS 0.2%CVE-2024-39019MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/idcProData_deal.php?mudi=delEPSS 0.2%CVE-2025-8103MEDIUMWPeMatico RSS Feed Fetcher <= 2.8.7 - Cross-Site Request Forgery to Plugin Deactivation via handle_feedback_submission FunctionEPSS 0.2%CVE-2024-37412MEDIUMWordPress Blossom Shop theme <= 1.1.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23801HIGHWordPress Style Admin Plugin <= 1.4.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23800HIGHWordPress OrangeBox plugin <= 3.0.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-30545HIGHWordPress Social Author Bio plugin <= 2.4 - Stored XSS via Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23435HIGHWordPress Password Protect Plugin for WordPress plugin <= 0.8.1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23436HIGHWordPress Wp-Scribd-List plugin <= 1.2 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2025-23510HIGHWordPress WordPress Logging Service plugin <= 1.5.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-28666MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.phpEPSS 0.2%CVE-2024-49628MEDIUMWordPress Most And Least Read Posts Widget plugin <= 2.5.18 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2021-40335MEDIUMCross Site Request Forgery (CSRF) in Hitachi Energy’s MSM ProductEPSS 0.2%