Fallos del tipo CWE-352
5733 resultadosCVE-2024-49672HIGHWordPress Google Docs RSVP plugin <= 2.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-2935MEDIUMAnti-Spam: Spam Protection | Block Spam Users, Comments, Forms <= 2024.7 - Cross-Site Request Forgery to Multiple Administrative ActionsEPSS 0.2%CVE-2024-53723HIGHWordPress Google Plus Share and +1 Button plugin <= 1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-53715HIGHWordPress Simple Travel Map plugin <= 0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-6751MEDIUMSocial Auto Poster <= 5.3.14 - Cross-Site Request Forgery via Multiple FunctionsEPSS 0.2%CVE-2024-11341MEDIUMSimple Redirection <= 1.5 - Cross-Site Request Forgery to Arbitrary Site RedirectEPSS 0.2%CVE-2026-40926HIGHWWBN AVideo Vulnerable to CSRF in Admin JSON Endpoints (Category CRUD, Plugin Update Script)EPSS 0.2%CVE-2024-53718HIGHWordPress Multi Feed Reader plugin <= 2.2.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-53720HIGHWordPress WP-ISPConfig 3 plugin <= 1.5.6 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-27589MEDIUMCaddy vulnerable to cross-origin config application via local admin API /load (caddy)EPSS 0.2%CVE-2024-53726HIGHWordPress RealtyCandy IDX Broker Extended plugin <= 1.5.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-50036MEDIUMWordPress Mailing Group Listserv plugin <= 3.0.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-53725HIGHWordPress Post Hits Counter plugin <= 2.8.23 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2025-11954HIGHCSRF in Sitemio's WISECPEPSS 0.2%CVE-2024-53717HIGHWordPress yPHPlista plugin <= 1.1.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-53716HIGHWordPress wp auto top plugin <= 2.9.3 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-10789MEDIUMWP User Profile Avatar <= 1.0.5 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2024-53722HIGHWordPress Favicon My Blog plugin <= 1.0.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-53719HIGHWordPress Zajax – Ajax Navigation plugin <= 0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-56229MEDIUMWordPress SearchIQ plugin <= 4.6 - Cross-Site Requst Forgery (CSRF) vulnerabilityEPSS 0.2%