Fallos del tipo CWE-352

5733 resultados
CVE-2025-28984MEDIUMWordPress Subscription Renewal Reminders for WooCommerce plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-46462MEDIUMWordPress WPVN plugin <= 0.7.8 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-52797HIGHWordPress StoryMap Plugin <= 2.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2024-23734MEDIUMCross Site Request Forgery vulnerability in in the upload functionality of the User Profile pages in savignano S/Notify before 2.0.1 for BitEPSS 0.1%CVE-2025-15377MEDIUMSosh Share Buttons <= 1.1.0 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-39424HIGHWordPress Simple Maps plugin <= 0.98 - CSRF to XSS vulnerabilityEPSS 0.1%CVE-2025-58831MEDIUMWordPress Parallax Scrolling Enllax.js Plugin <= 0.0.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-28925HIGHWordPress WATI Chat and Notification plugin <= 1.1.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-28883HIGHWordPress WP Compare Tables plugin <= 1.0.5 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39416HIGHWordPress translit it! plugin <= 1.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-66529MEDIUMWordPress Chartify plugin <= 3.6.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-28894HIGHWordPress List of Posts from each Category plugin for WordPress plugin <= 2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39440HIGHWordPress Broken Links Remover plugin <= 1.2.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28901HIGHWordPress Members page only for logged in users plugin <= 1.4.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-39414HIGHWordPress spam-stopper plugin <= 3.1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-5923MEDIUMPoly Voice – Potential Unauthorized Modification of WebUI using CSRF AttackEPSS 0.1%CVE-2025-39418HIGHWordPress RSS Manager plugin <= 0.06 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2024-13768MEDIUMCITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts <= 4.2 - Cross-Site Request Forgery to Font Assignment DeletionEPSS 0.1%CVE-2025-39433HIGHWordPress Bknewsticker plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-25649HIGHTraccar Vulnerable to Authorization Code Theft via Open Redirect in OIDC Provider EndpointsEPSS 0.1%