Fallos del tipo CWE-352

5733 resultados
CVE-2025-0801MEDIUMRateMyAgent Official <= 1.4.0 - Cross-Site Request Forgery to API Key UpdateEPSS 0.2%CVE-2025-53897MEDIUMKiteworks MFT has a Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-22300MEDIUMWordPress PixelYourSite plugin <= 10.0.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-35636MEDIUMWordPress Uploadcare File Uploader and Adaptive Delivery plugin <= 3.0.11 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37925MEDIUMWordPress BuddyBoss Theme theme <= 2.4.61 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-8426HIGHConcrete CMS 9.5.0 and below is vulnerable to CSRF on prepare_remote_upgrade() leading to one-request RCE via package overwriteEPSS 0.2%CVE-2025-22557HIGHWordPress News Publisher Autopilot plugin <= 2.1.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-22559HIGHWordPress TubePress.NET Plugin <= 4.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-52421HIGHWordPress WP Popup Window Maker plugin <= 2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-47701HIGHRestrict route by IP - Critical - Cross Site Request Forgery - SA-CONTRIB-2025-047EPSS 0.2%CVE-2025-36728MEDIUMSimpleHelp Cross Site Request ForgeryEPSS 0.2%CVE-2025-22571HIGHWordPress Instabot plugin <= 1.10 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-22556HIGHWordPress Norse Rune Oracle plugin <= 1.4.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-22590HIGHWordPress Prayer Times Anywhere plugin <= 2.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-52835CRITICALWordPress WING WordPress Migrator plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-52388HIGHWordPress Hebrew Date plugin <= 2.1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-43299MEDIUMWordPress SpeedyCache plugin <= 1.1.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-8421HIGHConcrete CMS 9.5.0 and below is vulnerable to CSRF on install_package() with conditional token bypass leading to RCEEPSS 0.2%CVE-2025-22555HIGHWordPress Smoothness Slider Shortcode plugin <= v1.2.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-47708HIGHEnterprise MFA - TFA for Drupal - Critical - Cross Site Request Forgery - SA-CONTRIB-2025-054EPSS 0.2%