Fallos del tipo CWE-352

5733 resultados
CVE-2025-9628MEDIUMThe integration of the AMO.CRM <= 1.0.1 - Cross-Site Request ForgeryEPSS 0.2%CVE-2026-40325HIGHMasa CMS CSRF in content restoration allows unauthorized restoration of deleted contentEPSS 0.2%CVE-2025-8102MEDIUMEasy Digital Downloads <= 3.5.0 - Cross-Site Request Forgery to Plugin Deactivation via edd_sendwp_disconnect and edd_sendwp_remote_install FunctionsEPSS 0.2%CVE-2025-25072HIGHWordPress WP Admin Custom Page plugin <= 1.5.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-25123HIGHWordPress Easy Related Posts plugin <= 2.0.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-34429HIGH1Panel CSRF Web Port Configuration ChangeEPSS 0.1%CVE-2019-25359HIGHSD.NET RIM 4.7.3c - 'idtyp' SQL InjectionEPSS 0.1%CVE-2020-37091MEDIUMMaian Support Helpdesk 4.3 - Cross-Site Request Forgery (Add Admin)EPSS 0.1%CVE-2025-25125HIGHWordPress Fyrebox Quizzes plugin <= 3.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-25075HIGHWordPress Show notice or message on admin area plugin <= 2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-57983MEDIUMWordPress BP Disable Activation Reloaded Plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2024-13510MEDIUMShopSite <= 1.5.10 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-65840HIGHPublicCMS V5.202506.b is vulnerable to Cross Site Request Forgery (CSRF) in the CkEditorAdminController.EPSS 0.1%CVE-2025-13408MEDIUMFoxtool All-in-One: Contact chat button, Custom login, Media optimize images <= 2.5.2 - Cross-Site Request Forgery to Google OAuth ConnectionEPSS 0.1%CVE-2025-49510MEDIUMWordPress Min Max Step Quantity Limits Manager for WooCommerce plugin <= 5.1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-57924MEDIUMWordPress Developer Plugin <= 1.2.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-25104HIGHWordPress URL-Preview-Box plugin <= 1.20 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-13671MEDIUMCross Site request forgery vulnerability discovered in OpenText WSM Management Server.EPSS 0.1%CVE-2026-31954NONEEmlog asynchronous media file deletion missing CSRF protectionEPSS 0.1%CVE-2025-6059MEDIUMSeraphinite Accelerator <= 2.27.21 - Cross-Site Request Forgery to Multiple Administrative ActionsEPSS 0.1%