Fallos del tipo CWE-352

5731 resultados
CVE-2024-31086HIGHWordPress Change default login logo,url and title plugin <= 2.0 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2024-50466MEDIUMWordPress DarkMySite – Advanced Dark Mode Plugin for WordPress plugin <= 1.2.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2021-40335MEDIUMCross Site Request Forgery (CSRF) in Hitachi Energy’s MSM ProductEPSS 0.2%CVE-2024-48031MEDIUMWordPress Featured Posts with Multiple Custom Groups (FPMCG) plugin <= 4.0 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31093HIGHWordPress Broken Images plugin <= 0.2 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2024-39019MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/idcProData_deal.php?mudi=delEPSS 0.2%CVE-2025-23800HIGHWordPress OrangeBox plugin <= 3.0.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-30545HIGHWordPress Social Author Bio plugin <= 2.4 - Stored XSS via Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-51156MEDIUM07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component 'erp.07fly.net:80/admin/SysNotifyUser/del.htEPSS 0.2%CVE-2025-23511HIGHWordPress WP-BlackCheck plugin <= 2.7.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-29773HIGHWordPress BizPrint plugin <= 4.5.5 - CSRF to XSS vulnerabilityEPSS 0.2%CVE-2025-21489MEDIUMVulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Region Mapping). Supported versions EPSS 0.2%CVE-2025-23424HIGHWordPress Marquee Style RSS News Ticker plugin <= 3.2.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-23557HIGHWordPress Find Your Reps plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-28666MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/media_add.phpEPSS 0.2%CVE-2025-23560HIGHWordPress Web Testimonials plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-13444MEDIUMwp-greet <= 6.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-23430HIGHWordPress Mass Custom Fields Manager plugin <= 1.5 - CSRF to Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-23508HIGHWordPress Extra Options – Favicons plugin <= 1.1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-5185MEDIUMSummer Pearl Group Vacation Rental Management Platform cross-site request forgeryEPSS 0.2%