Fallos del tipo CWE-352

5733 resultados
CVE-2025-27335MEDIUMWordPress Auto Tag Links Plugin <= 1.0.13 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-13363MEDIUMIMAQ Core <= 1.2.1 - Cross-Site Request Forgery to URL Structure UpdateEPSS 0.1%CVE-2019-25234MEDIUMCarlo Gavazzi SmartHouse Webapp 6.5.33 Cross-Site Request Forgery and XSSEPSS 0.1%CVE-2025-31888MEDIUMWordPress WP Multi Store Locator Plugin <= 2.5.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-27342MEDIUMWordPress WooCommerce Recargo de Equivalencia Plugin <= 1.6.24 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2020-37096MEDIUMEdimax EW-7438RPn - Cross-Site Request Forgery (MAC Filtering)EPSS 0.1%CVE-2025-32274MEDIUMWordPress w3all phpBB integration Plugin <= 2.9.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-1503MEDIUMlogin_register <= 1.2.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-31588MEDIUMWordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.1%CVE-2025-32267MEDIUMWordPress WP to Hootsuite plugin <= 1.5.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-10553MEDIUMjQuery Hover Footnotes <= 1.4 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2025-63716MEDIUMThe SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks that allow unauthorized state-changingEPSS 0.1%CVE-2019-25238MEDIUMV-SOL GPON/EPON OLT Platform 2.03 Cross-Site Request Forgery VulnerabilityEPSS 0.1%CVE-2025-30908HIGHWordPress Web Directory Free plugin <= 1.7.6 - CSRF to Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-57977HIGHWordPress Flexible PDF Invoices for WooCommerce & WordPress Plugin <= 6.0.13 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-28201HIGHSurrealDB Injection on Open NotebookEPSS 0.1%CVE-2025-25168HIGHWordPress BookPress – For Book Authors Plugin <= 1.2.7 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-22768HIGHWordPress Rocket Media Library Mime Type plugin <= 2.1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-23989HIGHWordPress Internal Link Builder plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-33372MEDIUMAn issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A cross-site request forgery (CSRF) vulnerability exists in Zimbra WebmEPSS 0.1%