Fallos del tipo CWE-352
5733 resultadosCVE-2024-37939MEDIUMWordPress Patricia Lite theme <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37938MEDIUMWordPress SociallyViral theme <= 1.0.10 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-11194MEDIUMInappropriate implementation in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crEPSS 0.2%CVE-2024-35673MEDIUMWordPress Pure Chat plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37469MEDIUMWordPress Blocksy theme <= 1.9.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-47491HIGHWordPress Contact Form Widget plugin <= 1.4.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-12170MEDIUMViewMedica Embed <= 1.4.15 - Cross-Site Request Forgery to SQL InjectionEPSS 0.2%CVE-2025-62797HIGHCSRF in FluxCP account endpoints allows account takeover / state-changing actionsEPSS 0.2%CVE-2024-13683MEDIUMAutomate Hub Free by Sperse.IO <= 1.7.0 - Cross-Site Request Forgery to Activation Status UpdateEPSS 0.2%CVE-2026-24885MEDIUMKanboard Affected by Cross-Site Request Forgery (CSRF) via Content-Type Misconfiguration in Project Role AssignmentEPSS 0.2%CVE-2025-21538MEDIUMVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are EPSS 0.2%CVE-2024-13523MEDIUMMemorialDay <= 1.0.4 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-24724MEDIUMWordPress Side Menu Lite Plugin <= 5.3.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2025-7835MEDIUMiThoughts Advanced Code Editor <= 1.2.10 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2025-66407MEDIUMWeblate has Server-Side Request Forgery vulnerabilityEPSS 0.2%CVE-2026-40549MEDIUMCross-Site Request Forgery in SOPlanningEPSS 0.2%CVE-2015-20113MEDIUMRealtyScript 4.0.2 Multiple Cross-Site Request Forgery and Persistent Cross-Site Scripting VulnerabilitiesEPSS 0.2%CVE-2024-8120MEDIUMImageRecycle pdf & image compression <= 3.1.14 - Cross-Site Request in Several AJAX ActionsEPSS 0.2%CVE-2025-24720MEDIUMWordPress Sticky Buttons Plugin <= 4.1.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2024-35557MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsApi_deal.php?mudi=rev&nohrefStr=closeEPSS 0.2%