Fallos del tipo CWE-352

5733 resultados
CVE-2025-27316MEDIUMWordPress JPG, PNG Compression and Optimization Plugin <= 1.7.35 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-27290MEDIUMWordPress Select Erima Zarinpal Donate Plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-21550MEDIUMVulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financial Services Applications (component: WebEPSS 0.2%CVE-2025-31852MEDIUMWordPress Bulk Product Sync plugin <= 8.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-32667HIGHWordPress Doppler Forms plugin <= 2.5.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-28910MEDIUMWordPress WP Hide Admin Bar plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-43339MEDIUMWordPress WordPress Webinar Plugin – WebinarPress plugin <= 1.33.20 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-53451MEDIUMWordPress Mihdan: No External Links Plugin <= 5.1.6.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-48341LOWdingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=addShopEPSS 0.2%CVE-2025-28941MEDIUMWordPress SPAM-BYBYE Plugin <= 2.2.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-5185HIGHData Poisoning in EmbedAIEPSS 0.2%CVE-2025-23627HIGHWordPress Comment-Emailer plugin <= 1.0.5 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2026-5918MEDIUMInappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the rendereEPSS 0.2%CVE-2025-22297MEDIUMWordPress AI WP Writer plugin <= 3.8.4.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-6452MEDIUMBigfishgames Syndicate <= 1.2 - Cross-Site Request Forgery to Settings Reset and UpdateEPSS 0.2%CVE-2024-9434MEDIUMWPGlobus Translate Options <= 2.2.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-32644HIGHWordPress IP2Location World Clock Plugin <= 1.1.9 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2026-6701MEDIUMaddfreespace <= 0.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting via Settings PageEPSS 0.2%CVE-2025-0610HIGHCSRF in Akinsoft's QR MenuEPSS 0.2%CVE-2025-50044MEDIUMWordPress Real Estate Manager plugin <= 7.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%