Fallos del tipo CWE-352
5733 resultadosCVE-2026-4138MEDIUMDX Unanswered Comments <= 1.7 - Cross-Site Request Forgery via Settings UpdateEPSS 0.2%CVE-2024-10480MEDIUM3DPrint Lite < 2.1 - Settings Update via CSRFEPSS 0.2%CVE-2025-10317MEDIUMMultiple Cross-Site Request Forgery in Quick.CartEPSS 0.2%CVE-2025-5142MEDIUMSimple Page Access Restriction <= 1.0.31 - Cross-Site Request Forgery via Multiple ParametersEPSS 0.2%CVE-2024-51669MEDIUMWordPress Dynamic Widgets plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-50930HIGHAn issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings oEPSS 0.2%CVE-2024-49275MEDIUMWordPress IdeaPush plugin <= 8.69 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31205MEDIUMSaleor CSRF bypass in refreshToken mutationEPSS 0.2%CVE-2025-23872HIGHWordPress PayForm plugin <= 2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-41744MEDIUMIBM CICS TX Standard cross-site request forgeryEPSS 0.2%CVE-2025-39593MEDIUMWordPress Ever Accounting plugin <= 2.1.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-23559HIGHWordPress MemeOne plugin <= 2.0.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-39020MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/vpsApiData_deal.php?mudi=rev&nohrefStr=cEPSS 0.2%CVE-2018-25370MEDIUMAdmidio 3.3.5 Cross-Site Request Forgery via roles_function.phpEPSS 0.2%CVE-2024-40328MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/memberOnline_deal.php?mudi=del&dataType=EPSS 0.2%CVE-2024-9943MEDIUMMultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution <= 4.2.4 - Cross-Site Request Forgery to Vendor UpdatesEPSS 0.2%CVE-2024-1375MEDIUMEvent post <= 5.9.10 - Cross-Site Request ForgeryEPSS 0.2%CVE-2023-45763MEDIUMWordPress Taggbox Plugin <= 2.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-53684HIGHA cross-site request forgery (csrf) vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crEPSS 0.2%CVE-2026-50132HIGHBudibase: Chat Identity Link Hijacking via Missing Consent & CSRF — Account Impersonation in BudibaseEPSS 0.2%