Fallos del tipo CWE-352
5733 resultadosCVE-2026-4968MEDIUMSourceCodester Diary App diary.php cross-site request forgeryEPSS 0.2%CVE-2025-12028HIGHIndieAuth <= 4.5.4 - Cross-Site Request Forgery to Account Takeover via Stolen OAuth TokensEPSS 0.2%CVE-2024-51638HIGHWordPress Awesome Shortcodes For Genesis plugin 1.1.8 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2023-25788MEDIUMWordPress Saphali Woocommerce Lite Plugin <= 1.8.13 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-51633HIGHWordPress Simple Page Specific Sidebars plugin <= 2.14.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-51640HIGHWordPress MDR Webmaster Tools plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-24623MEDIUMWordPress Really Simple Security plugin <= 9.1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-22503MEDIUMWordPress Admin debug wordpress – enable debug Plugin <= 1.0.13 - Cross Site Request Forgery vulnerabilityEPSS 0.2%CVE-2025-23872HIGHWordPress PayForm plugin <= 2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-12385MEDIUMWP Abstracts <= 2.7.2 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2024-41744MEDIUMIBM CICS TX Standard cross-site request forgeryEPSS 0.2%CVE-2025-27579MEDIUMIn Bitaxe ESP-Miner before 2.5.0 with AxeOS, one can use an /api/system CSRF attack to update the payout address (aka stratumUser) for a BitEPSS 0.2%CVE-2025-31689HIGHGeneral Data Protection Regulation - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-018EPSS 0.2%CVE-2025-39600MEDIUMWordPress Integration for WooCommerce and QuickBooks plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-39593MEDIUMWordPress Ever Accounting plugin <= 2.1.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2026-4138MEDIUMDX Unanswered Comments <= 1.7 - Cross-Site Request Forgery via Settings UpdateEPSS 0.2%CVE-2024-10480MEDIUM3DPrint Lite < 2.1 - Settings Update via CSRFEPSS 0.2%CVE-2025-1314MEDIUMCustom Twitter Feeds <= 2.2.5 - Cross-Site Request Forgery to Cache Reset via ctf_clear_cache_admin FunctionEPSS 0.2%CVE-2024-49779MEDIUMIBM OpenPages cross-site request forgeryEPSS 0.2%CVE-2024-30855HIGHDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/makehtml_list_action.php.EPSS 0.2%