Fallos del tipo CWE-352

5733 resultados
CVE-2025-32494MEDIUMWordPress reCAPTCHA Jetpack plugin <= 0.2.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-54401HIGHWordPress Advanced Fancybox plugin <= 1.1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54397HIGHWordPress Go Animate plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54400HIGHWordPress AppMaps plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54393HIGHWordPress WP Fiddle plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-12291MEDIUMViewMedica 9 <= 1.4.17 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2025-32485MEDIUMWordPress WP Performance Pack plugin <= 2.5.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-48885MEDIUMapplication-urlshortener users can create arbitrary pages as long as they have view access to themEPSS 0.2%CVE-2024-3407MEDIUMWP Prayer <= 2.0.9 - Arbitrary Prayer Deletion via CSRFEPSS 0.2%CVE-2024-13244HIGHMigrate Tools - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-008EPSS 0.2%CVE-2024-2969MEDIUMWP-Eggdrop <= 0.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2026-6755MEDIUMMitigation bypass in the DOM: postMessage componentEPSS 0.2%CVE-2024-2748MEDIUMCSRF vulnerability was identified in GitHub Enterprise Server that allowed performing actions on behalf of a userEPSS 0.2%CVE-2025-22562MEDIUMWordPress Title Experiments Free plugin <= 9.0.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-52420MEDIUMWordPress Disable Admin Notices individually plugin <= 1.4.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-13250HIGHDrupal Symfony Mailer Lite - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-014EPSS 0.2%CVE-2026-54359HIGHMISP automation endpoints may be exposed to CSRF when Sec-Fetch-Site protection is disabled by defaultEPSS 0.2%CVE-2024-13260HIGHMigrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024EPSS 0.2%CVE-2024-13284HIGHGutenberg - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-048EPSS 0.2%CVE-2024-54226HIGHWordPress Country Blocker plugin <= 3.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%