Fallos del tipo CWE-352
5733 resultadosCVE-2025-30856MEDIUMWordPress Custom Field For WP Job Manager plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37518MEDIUMWordPress The Events Calendar plugin <= 6.5.1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-37391MEDIUMWordPress WordPress Mobile Pack Plugin <= 3.4.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-32250MEDIUMWordPress Rollbar plugin <= 2.7.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32476HIGHWordPress Advanced Tag Lists plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37493MEDIUMWordPress Posterity theme <= 3.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37490MEDIUMWordPress Bard theme <= 2.210 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-38691MEDIUMWordPress Metorik plugin <= 1.7.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-34756MEDIUMWordPress Integration for HubSpot and Contact Form 7 plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31026HIGHWordPress Comment Validation Reloaded plugin <= 0.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-31401HIGHWordPress MMX – Make Me Christmas plugin <= 1.0.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-31032HIGHWordPress Pagopar – WooCommerce Gateway plugin <= 2.7.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-31388HIGHWordPress The World plugin <= 0.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37473MEDIUMWordPress Trendy News theme <= 1.0.15 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-12279MEDIUMWP Social AutoConnect <= 4.6.2 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2026-1075MEDIUMZT Captcha <= 1.0.4 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2025-28355MEDIUMVolmarg Personal Management System 1.4.65 is vulnerable to Cross Site Request Forgery (CSRF) allowing attackers to execute arbitrary code anEPSS 0.2%CVE-2025-32480HIGHWordPress Windows Live Writer plugin <= 0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37543MEDIUMWordPress Ultimate Auction plugin <= 4.2.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-8419MEDIUMAmazon Scraper <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via Settings UpdateEPSS 0.2%