Fallos del tipo CWE-352

5733 resultados
CVE-2025-64141MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Task Runner Plugin 0.9.2 and earlier allows attackers to connect to an atEPSS 0.2%CVE-2024-54404HIGHWordPress MDC Comment Toolbar plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54394HIGHWordPress Mandrill WP plugin <= 1.0.5 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-12291MEDIUMViewMedica 9 <= 1.4.17 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2024-54389HIGHWordPress addWeather plugin <= 2.5.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54438HIGHWordPress Gaxx Keywords plugin <= 0.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-7862MEDIUMBlog Introduction <= 0.3.0 - Settings Update via CSRFEPSS 0.2%CVE-2024-40886MEDIUMOne-click Client-Side Path Traversal Leading to CSRF in User Management admin pageEPSS 0.2%CVE-2025-59901HIGHauthenticated reflected XSS vulnerability in Sync Breeze Enterprise ServerEPSS 0.2%CVE-2024-54401HIGHWordPress Advanced Fancybox plugin <= 1.1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-32494MEDIUMWordPress reCAPTCHA Jetpack plugin <= 0.2.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-13555MEDIUM1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Cross-Site Request Forgery to Backup Process CancellationEPSS 0.2%CVE-2024-54410HIGHWordPress SOPA Blackout plugin <= 1.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-11195MEDIUMInappropriate implementation in MHTML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in spEPSS 0.2%CVE-2024-35109MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /homePro_deal.php?mudi=add&nohrefStr=close.EPSS 0.2%CVE-2024-39628MEDIUMWordPress Ninja Forms plugin <= 3.8.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-54409HIGHWordPress XPD Reduce Image Filesize plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54397HIGHWordPress Go Animate plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54393HIGHWordPress WP Fiddle plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54391HIGHWordPress WordPress Filter plugin <= 1.4.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%