Fallos del tipo CWE-352

5733 resultados
CVE-2025-10375MEDIUMWeb Accessibility By accessiBe <= 2.10 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-8102MEDIUMEasy Digital Downloads <= 3.5.0 - Cross-Site Request Forgery to Plugin Deactivation via edd_sendwp_disconnect and edd_sendwp_remote_install FunctionsEPSS 0.2%CVE-2025-25146MEDIUMWordPress Songkick Concerts and Festivals plugin <= 0.9.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-59541HIGHChamilo: CSRF Vulnerability in Project DeletionEPSS 0.2%CVE-2024-11336MEDIUMClickbank WordPress Plugin (Storefront) <= 1.7 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-25145MEDIUMWordPress Infusionsoft Analytics Plugin <= 2.0 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-1082MEDIUMTITLE ANIMATOR <= 1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2026-3140MEDIUMUltimate Dashboard <= 3.8.14 - Cross-Site Request Forgery to Module Activation/DeactivationEPSS 0.2%CVE-2025-14167MEDIUMRemove Post Type Slug <= 1.0.2 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2025-9631MEDIUMAutoCatSet <= 2.1.4 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-24538MEDIUMWordPress BuddyPress Groups Extras plugin <= 3.6.10 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-24537MEDIUMWordPress The Events Calendar plugin <= 6.7.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-10498MEDIUMNinja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Limited File DeletionEPSS 0.2%CVE-2025-9630MEDIUMWP SinoType <= 1.0 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-9949MEDIUMInternal Links Manager <= 3.0.1 - Cross-Site Request ForgeryEPSS 0.2%CVE-2026-21430HIGHEmlog: CSRF chained with stored XSS leads to ATOEPSS 0.2%CVE-2025-9627MEDIUMRun Log <= 1.7.10 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2026-24666MEDIUMOpen eClass is Vulnerable to CSRF in Teacher-Restricted Endpoints Allows Unauthorized ActionsEPSS 0.2%CVE-2025-9621MEDIUMWidgetPack Comment System <= 1.6.1 - Cross-Site Request ForgeryEPSS 0.2%CVE-2021-47946MEDIUMOpenCart 3.0.3.6 Account Takeover via Cross Site Request ForgeryEPSS 0.2%