Fallos del tipo CWE-352
5733 resultadosCVE-2020-37106MEDIUMBusiness Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin)EPSS 0.2%CVE-2025-30923MEDIUMWordPress Gift Message for WooCommerce plugin <= 1.7.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-12986HIGHA critical vulnerability in Admin GUI in Payara Server Full 4.x, 5.x, 6.x, 7.x, 7.2026.x, 6.2025.x, 6.2024.x on All platforms that allows thEPSS 0.2%CVE-2022-40724MEDIUMCross-Site Request Forgery on PingFederate Local Identity Profiles Endpoint.EPSS 0.2%CVE-2026-4131MEDIUMWP Responsive Popup + Optin <= 1.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'wpo_image_url' ParameterEPSS 0.2%CVE-2024-1446MEDIUMNextScripts: Social Networks Auto-Poster <= 4.4.3 - Cross-Site Request Forgery to Arbitrary Post DeletionEPSS 0.2%CVE-2024-4429MEDIUMCross Site Request Forgery vulnerability in iManagerEPSS 0.2%CVE-2025-54598MEDIUMThe Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via EPSS 0.2%CVE-2026-1924MEDIUMAruba HiSpeed Cache <= 3.0.4 - Cross-Site Request Forgery to Plugin Settings ResetEPSS 0.2%CVE-2023-2447MEDIUMUserPro <= 5.1.1 - Cross-Site Request Forgery to Sensitive Information ExposureEPSS 0.2%CVE-2025-32266MEDIUMWordPress 404 Image Redirection (Replace Broken Images) plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31688MEDIUMConfiguration Split - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-017EPSS 0.2%CVE-2025-25128HIGHWordPress Facilita Form Tracker plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-28863MEDIUMWordPress Delete Original Image plugin <= 0.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32272MEDIUMWordPress Wishlist plugin <= 1.0.46 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37431MEDIUMWordPress Mesmerize theme <= 1.6.120 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-6396MEDIUMFast & Fancy Filter – 3F <= 1.2.2 - Cross-Site Request Forgery to Settings Modification via fff_save_settins AJAX ActionEPSS 0.2%CVE-2024-37236MEDIUMWordPress Loco Translate plugin <= 2.6.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23720HIGHWordPress Web Push plugin <= 1.4.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-28859MEDIUMWordPress Maintenance Notice plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%