Fallos del tipo CWE-352

5733 resultados
CVE-2024-37243MEDIUMWordPress Vandana Lite theme <= 1.1.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-30912MEDIUMWordPress Float menu plugin <= 6.1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2024-11142HIGHCSRF in Gosoft Software's Proticaret E-CommerceEPSS 0.2%CVE-2026-55741HIGHCotonti CSRF in admin.config.php allows unauthorized configuration changesEPSS 0.2%CVE-2024-31251MEDIUMWordPress Community by PeepSo plugin <= 6.3.1.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-11200MEDIUMInappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a craEPSS 0.2%CVE-2024-30617MEDIUMA Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.26 "/main/social/home.php," allows attackers to initiate a request thaEPSS 0.2%CVE-2021-47722MEDIUMZucchetti Axess CLOKI Access Control 1.64 Cross-Site Request ForgeryEPSS 0.2%CVE-2026-11134MEDIUMInappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafEPSS 0.2%CVE-2024-37421MEDIUMWordPress JobScout theme <= 1.1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-8104MEDIUMMemory Usage <= 3.98 - Cross-Site Request Forgery to Limited Plugin Installation via wpmemory_install_plugin FunctionEPSS 0.2%CVE-2026-11083MEDIUMInappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin dataEPSS 0.2%CVE-2026-1672MEDIUMBEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery to Product Data ModificationEPSS 0.2%CVE-2026-11129MEDIUMInappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via aEPSS 0.2%CVE-2024-12526MEDIUMArena.IM – Live Blogging for real-time events <= 0.4.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2026-6292MEDIUMMP Customize Login Page <= 1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2018-25155MEDIUMTeradek Slice 7.3.15 Cross-Site Request Forgery via Password ChangeEPSS 0.2%CVE-2025-8479MEDIUMZoho Flow <= 2.14.1 - Cross-Site Request ForgeryEPSS 0.2%CVE-2018-25156MEDIUMTeradek Cube 7.3.6 Cross-Site Request Forgery Password ChangeEPSS 0.2%CVE-2024-45372MEDIUMMZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in EPSS 0.2%