Fallos del tipo CWE-352

5733 resultados
CVE-2025-32673HIGHWordPress Epeken All Kurir plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-8424MEDIUMRemove Yellow BGBOX <= 1.0 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-49629HIGHWordPress Endless Posts Navigation plugin <= 2.2.7 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-32659HIGHWordPress FraudLabs Pro for WooCommerce plugin <= 2.22.8 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-57283MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier allows attackers to instEPSS 0.2%CVE-2025-21550MEDIUMVulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications (component: WebEPSS 0.2%CVE-2025-28912MEDIUMWordPress Custom Dashboard Page plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32661HIGHWordPress Interactive US Map plugin <= 2.7 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-12541MEDIUMChative Live chat and Chatbot <= 1.1 - Cross-Site Request Forgery via add_chative_widget_action FunctionEPSS 0.2%CVE-2026-1070MEDIUMAlex User Counter <= 6.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2025-58856MEDIUMWordPress Woocommerce Notify Updated Product Plugin <= 1.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-27290MEDIUMWordPress Select Erima Zarinpal Donate Plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-28913MEDIUMWordPress WP Add Active Class To Menu Item plugin <=1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-31852MEDIUMWordPress Bulk Product Sync plugin <= 8.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-27316MEDIUMWordPress JPG, PNG Compression and Optimization Plugin <= 1.7.35 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-28887MEDIUMWordPress Plugins Last Updated Column plugin <= 0.1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32664HIGHWordPress Nepali Date Utilities plugin <= 1.0.15 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-57946MEDIUMWordPress payOS plugin <= 1.0.73 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-13522MEDIUMmagayo Lottery Results <= 2.0.12 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-32645HIGHWordPress Custom Posts Order Plugin <= 4.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%