Fallos del tipo CWE-352
5735 resultadosCVE-2025-53262MEDIUMWordPress Writesonic plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31602MEDIUMWordPress Apimo Connector plugin <= 2.6.5.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-60164HIGHWordPress NewsmanApp plugin <= 2.7.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-23502HIGHWordPress Curated Search plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-28974HIGHWordPress Free WP Mail SMTP plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-26768HIGHWordPress what3words Address Field plugin <= 4.0.15 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-26759HIGHWordPress Content Snippet Manager plugin <= 1.1.5 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31569HIGHWordPress wordpress related Posts with thumbnails plugin <= 3.0.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-26931HIGHWordPress Tribulant Gallery Voting plugin <= 1.2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-54672MEDIUMWordPress Photo Engine Plugin plugin <= 6.4.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-54694MEDIUMWordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-31570HIGHWordPress Related Posts Widget with Thumbnails plugin <= 1.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-8425MEDIUMNotify Odoo <= 1.0.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2024-45161MEDIUMA CSRF issue was discovered in the administrative web GUI in Blu-Castle BCUM221E 1.0.0P220507. This can be exploited via a URL, an image loaEPSS 0.1%CVE-2025-64117MEDIUMTuleap missing CSRF protection in the management of SVN commit rules and immutable tagsEPSS 0.1%CVE-2025-54674MEDIUMWordPress Product Configurator for WooCommerce Plugin plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-7533MEDIUMEasy Digital Downloads <= 3.6.7 - Cross-Site Request Forgery to Payment Account Hijacking via 'square_tokens' ParameterEPSS 0.1%CVE-2025-12172MEDIUMMailchimp List Subscribe Form <= 2.0.0 - Cross-Site Request Forgery to Mailchimp List ChangeEPSS 0.1%CVE-2025-31585HIGHWordPress Leadfox for WordPress plugin <= 2.1.9 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2024-0392MEDIUMCross-Site Request Forgery (CSRF) in WSO2 Enterprise Integrator 6.6.0 Management Console Due to Missing CSRF Token ValidationEPSS 0.1%