Fallos del tipo CWE-352

5733 resultados
CVE-2025-25104HIGHWordPress URL-Preview-Box plugin <= 1.20 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-25075HIGHWordPress Show notice or message on admin area plugin <= 2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-57983MEDIUMWordPress BP Disable Activation Reloaded Plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-25125HIGHWordPress Fyrebox Quizzes plugin <= 3.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-57914MEDIUMWordPress Deliver via Shipos for WooCommerce plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-57933MEDIUMWordPress Piotnet Forms Plugin <= 1.0.30 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-57915MEDIUMWordPress TOCHAT.BE Plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-26926MEDIUMWordPress Booknetic plugin <= 4.0.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-13990MEDIUMMamurjor Employee Info <= 1.0.0 - Cross-Site Request Forgery to Arbitrary Employee and Related Data ManipulationEPSS 0.1%CVE-2025-57930MEDIUMWordPress Double the Donation Plugin <= 2.0.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-57934MEDIUMWordPress LWS Affiliation Plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-32755MEDIUMAdmidio is Missing CSRF Protection on Role Membership Date ChangesEPSS 0.1%CVE-2025-12070MEDIUMViaAds <= 2.1.2 - Cross-Site Request Forgery to API Key UpdateEPSS 0.1%CVE-2025-31572MEDIUMWordPress Multi Days Events and Multi Events in One Day Calendar plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2024-56232HIGHWordPress WP Nice Loader plugin <= 0.1.0.4 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-22669MEDIUMWordPress Awesome Event Booking plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2024-57159LOW07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.html.EPSS 0.1%CVE-2025-9884MEDIUMMobile Site Redirect <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-9632MEDIUMPhpList Subber <= 1.1 - Cross-Site Request ForgeryEPSS 0.1%CVE-2024-46872MEDIUMClient-Side Path Traversal Leading to CSRF in PlaybooksEPSS 0.1%