Fallos del tipo CWE-352
5733 resultadosCVE-2025-57960MEDIUMWordPress Travel Map Plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2026-43735HIGHThe issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A maliEPSS 0.2%CVE-2025-53456MEDIUMWordPress SEO Backlink Monitor plugin <= 1.8.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-40601MEDIUMAn issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1. CSRF can occur in API modules.EPSS 0.2%CVE-2025-32673HIGHWordPress Epeken All Kurir plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32645HIGHWordPress Custom Posts Order Plugin <= 4.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-36956HIGHA Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. TheEPSS 0.2%CVE-2025-26963MEDIUMWordPress ClickWhale plugin <= 2.4.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2025-25138HIGHWordPress On Page SEO + Social Live Chat (Formerly OPS) plugin <= 2.0.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-47914MEDIUMVaeMendis - CWE-352: Cross-Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-4839MEDIUMCSRF in Servers Configurations in parisneo/lollms-webuiEPSS 0.2%CVE-2025-55040HIGHThe import form CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to upload and install malicious form definitions through a CSEPSS 0.2%CVE-2025-32644HIGHWordPress IP2Location World Clock Plugin <= 1.1.9 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-32667HIGHWordPress Doppler Forms plugin <= 2.5.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-4002MEDIUMPetje.af <= 2.1.8 - Cross-Site Request Forgery to Account Deletion via 'petjeaf_disconnect' AJAX ActionEPSS 0.2%CVE-2025-14852MEDIUMMDirector Newsletter <= 4.5.8 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.2%CVE-2025-25772MEDIUMA Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add AEPSS 0.2%CVE-2025-55043MEDIUMMuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality (csettings.cfc createBundle method) that allows uEPSS 0.2%CVE-2018-25397MEDIUMPHP-SHOP 1.0 Cross-Site Request Forgery via users.phpEPSS 0.2%CVE-2026-27841HIGHSenseLive X3050 Cross-Site request forgeryEPSS 0.2%