Fallos del tipo CWE-352

5733 resultados
CVE-2019-25247MEDIUMBeward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin VulnerabilityEPSS 0.1%CVE-2025-23985MEDIUMWordPress Dynamic URL SEO plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-29839HIGHDedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability in /sys_task_add.php.EPSS 0.1%CVE-2024-13710MEDIUMEstatebud – Properties & Listings <= 5.5.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-24533MEDIUMWordPress MetaSlider plugin <= 3.92.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-13606MEDIUMExport All Posts, Products, Orders, Refunds & Users <= 2.19 - Cross-Site Request Forgery to Sensitive Information ExposureEPSS 0.1%CVE-2024-13682MEDIUMWallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction <= 2.6.2 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-63953MEDIUMA Cross-Site Request Forgery (CSRF) in the /usapi?method=add-user component of Magewell Pro Convert v1.2.213 allows attackers to arbitrarilyEPSS 0.1%CVE-2026-9618MEDIUMPeachPay <= 1.120.46 - Cross-Site Request Forgery to Stripe UnlinkEPSS 0.1%CVE-2019-25250MEDIUMDevolo dLAN 500 AV Wireless+ 3.1.0-1 Cross-Site Request ForgeryEPSS 0.1%CVE-2025-2797MEDIUMWoffice Core <= 5.4.21 - Cross-Site Request Forgery to User Registration ApprovalEPSS 0.1%CVE-2026-40471CRITICALHackage CSRF vulnerabilityEPSS 0.1%CVE-2025-25148HIGHWordPress Read More Copy Link plugin <= 1.0.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-25135HIGHWordPress Custom Links On Admin Dashboard Toolbar plugin <= 3.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-12412MEDIUMTop Bar Notification <= 1.12 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-50369MEDIUMA Cross-Site Request Forgery (CSRF) vulnerability exists in the Manage Card functionality (/mcgs/admin/manage-card.php) of PHPGurukul MedicaEPSS 0.1%CVE-2025-58878MEDIUMWordPress Woocommerce Gifts Product Plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-9617MEDIUMPublish approval <= 1.1 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-62771HIGHMercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks.EPSS 0.1%CVE-2025-25140HIGHWordPress Simple User Profile plugin <= 1.9 - CSRF to Stored XSS vulnerabilityEPSS 0.1%