Fallos del tipo CWE-352
5740 resultadosCVE-2025-14906MEDIUMWP Youtube Video Gallery <= 1.0 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2025-31915MEDIUMWordPress Pixel Form BuilderPlugin & Autoresponder plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-53269MEDIUMWordPress My Wp Brand plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-49968MEDIUMWordPress XML Travel Portal Widget plugin <= 2.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-49975MEDIUMWordPress JobWP plugin <= 2.4.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-53267MEDIUMWordPress Hide Admin Bar From Front End plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-9945MEDIUMOptimize More! – CSS <= 1.0.3 - Cross-Site Request Forgery to Plugin Settings ResetEPSS 0.1%CVE-2026-8428HIGHCSRF token is not validated in the core CMS update controller for Concrete CMS 9.5.0 and belowEPSS 0.1%CVE-2025-53272MEDIUMWordPress Image Cleanup plugin <= 1.9.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-23972MEDIUMWordPress Contact Form 7 reCAPTCHA plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-14845MEDIUMNS IE Compatibility Fixer <= 2.1.5 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2025-53273MEDIUMWordPress Slickstream plugin <= 2.0.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-31904HIGHWordPress Ebook Downloader plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-9730MEDIUMRemove NoFollow Commenter URL <= 1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-28761HIGHCross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a useEPSS 0.1%CVE-2025-57893MEDIUMWordPress WP Fast Total Search Plugin <= 1.79.270 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-58611MEDIUMWordPress Tickera Plugin <= 3.5.5.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-27355HIGHWordPress Woocommerce – Loi Hamon Plugin <= 1.1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-58199MEDIUMWordPress Fastly plugin <= 1.2.28 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-58219MEDIUMWordPress Show Pages List Plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%