Fallos del tipo CWE-352

5733 resultados
CVE-2024-2368MEDIUMMollie Forms <= 2.6.13 - Cross-Site Request Forgery to Arbitrary Post DuplicationEPSS 0.2%CVE-2024-21044MEDIUMVulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versioEPSS 0.2%CVE-2024-39641MEDIUMWordPress LearnPress plugin <= 4.2.6.8.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-22563MEDIUMWordPress Pretty Urls Plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-4409MEDIUMWP-ViperGB <= 1.6.1 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-45527MEDIUMREDCap 14.7.0 allows HTML injection via the project title of a New Project action. This can lead to resultant logout CSRF via index.php?logoEPSS 0.2%CVE-2024-33646HIGHWordPress Sticky Anything plugin <= 2.1.5 - Broken Access Control to XSS vulnerabilityEPSS 0.2%CVE-2024-38729MEDIUMWordPress MBE eShip plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-44364CRITICALmisp-modules website - Missing CSRF protection in the website home blueprintEPSS 0.2%CVE-2024-12218MEDIUMWoocommerce check pincode/zipcode for shipping <= 2.0.4 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2025-12535MEDIUMSureForms <= 1.13.1 - Cross-Site Request Forgery Protection Bypass via Improper Nonce DistributionEPSS 0.2%CVE-2024-4541MEDIUMCustom Product List Table <= 3.0.0 - Cross-Site Request ForgeryEPSS 0.2%CVE-2022-47424MEDIUMWordPress ARMember plugin <= 4.0.5 - Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-21202MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions thEPSS 0.2%CVE-2025-23569HIGHWordPress Shortcode in Comment plugin <= 1.1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-9886MEDIUMTrinity Audio <= 5.20.2 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-29929MEDIUMTuleap is missing CSRF protection on tracker hierarchy administrationEPSS 0.2%CVE-2024-31105HIGHWordPress Tax Rate Upload plugin <= 2.4.5 - CSRF leading to Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-23577HIGHWordPress Word Freshener plugin <= 1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2023-45629MEDIUMWordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%