Fallos del tipo CWE-352
5733 resultadosCVE-2025-31375HIGHWordPress Scheduled plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2018-25127MEDIUMSOCA Access Control System 180612 Cross-Site Request Forgery via Admin InterfaceEPSS 0.2%CVE-2024-38754MEDIUMWordPress Tagbox plugin <= 3.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-35554MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=del&dataType=newsWEPSS 0.2%CVE-2025-31382HIGHWordPress Language Field plugin <= 0.9 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-31395HIGHWordPress Easy Custom CSS plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-31385HIGHWordPress Site Table of Contents plugin <= 0.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-37508MEDIUMWordPress Construction Landing Page theme <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-27717MEDIUMCross Site Request Forgery vulnerability in Eskooly Free Online School Management Software v.3.0 and before allows a remote attacker to escaEPSS 0.2%CVE-2024-37478MEDIUMWordPress Ashe theme <= 2.233 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23426HIGHWordPress go Social plugin <= 1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-31400HIGHWordPress WS Audio Player plugin <= 1.1.8 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2023-39158MEDIUMWordPress Woocommerce Category Banner Management Plugin <= 2.4.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-32476HIGHWordPress Advanced Tag Lists plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54399HIGHWordPress CRUDLab Google Plus Button plugin <= 1.0.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-14016MEDIUMInappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafteEPSS 0.2%CVE-2024-13555MEDIUM1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Cross-Site Request Forgery to Backup Process CancellationEPSS 0.2%CVE-2024-7820MEDIUMILC Thickbox <= 1.0 - Settings update via CSRFEPSS 0.2%CVE-2025-39517MEDIUMWordPress Basic Interactive World Map plugin <= 2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2024-54389HIGHWordPress addWeather plugin <= 2.5.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%