Fallos del tipo CWE-352
5733 resultadosCVE-2025-30857HIGHWordPress Currency Switcher for WooCommerce plugin <= 0.0.7 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-30564HIGHWordPress Custom Script Integration plugin <= - 2.1 Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-46485MEDIUMdingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/doAdminAction.php?act=addCateEPSS 0.2%CVE-2025-30555HIGHWordPress WordPres 同步微博 plugin <= 1.1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-55744HIGHCotonti CSRF in PFS allows forced arbitrary file uploadEPSS 0.2%CVE-2024-11014MEDIUMCross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for Ver10.8 up to Ver10.8.27 and EPSS 0.2%CVE-2024-51659HIGHWordPress Twitter @Anywhere Plus plugin <= 2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-65472HIGHA Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php component of EasyImages 2.0 v2.8.6 and below allows attackers to escalate prEPSS 0.2%CVE-2024-53712HIGHWordPress Kevin's plugin <= 2.0.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-3593HIGHUberMenu <= 3.8.3 - Cross-Site Request Forgery to Settings ResetEPSS 0.2%CVE-2024-53711HIGHWordPress Hotlink2Watermark plugin <= 0.3.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-51658HIGHWordPress WP Course Manager plugin <= 1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-53713HIGHWordPress Silverlight Video Player plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-53714HIGHWordPress Continue Shopping From Cart plugin <= 1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-25769HIGHWangmarket v4.10 to v5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /controller/UserController.java.EPSS 0.2%CVE-2024-53710HIGHWordPress ITERAS plugin <= 1.8.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-11200MEDIUMInappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a craEPSS 0.2%CVE-2025-58250HIGHWordPress Findgo Theme <= 1.3.55 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-45372MEDIUMMZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in EPSS 0.2%CVE-2025-60111HIGHWordPress Javo Core Plugin <= 3.0.0.266 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%