Fallos del tipo CWE-352
5740 resultadosCVE-2026-9730MEDIUMRemove NoFollow Commenter URL <= 1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-58792MEDIUMWordPress Authors List plugin <= 2.0.6.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-39436HIGHWordPress CformsII plugin <= 15.1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2024-4128LOWCSRF in firebase-tools emulator suiteEPSS 0.1%CVE-2025-58199MEDIUMWordPress Fastly plugin <= 1.2.28 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31904HIGHWordPress Ebook Downloader plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-55057MEDIUMMultiple CWE-352 Cross-Site Request Forgery (CSRF)EPSS 0.1%CVE-2025-25100HIGHWordPress Cazamba plugin <= 1.2 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2026-4071MEDIUMBirdSeed <= 2.2.0 - Cross-Site Request Forgery via BirdSeed Token ChangeEPSS 0.1%CVE-2025-58798MEDIUMWordPress BCM Duplicate Menu plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-52767MEDIUMWordPress NetInsight Analytics Implementation Plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-58200MEDIUMWordPress Flexible FAQ Plugin <= 0.2 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-58611MEDIUMWordPress Tickera Plugin <= 3.5.5.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-8414LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicateEPSS 0.1%CVE-2025-13194MEDIUMSurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity <= 2.5.2 - Cross-Site Request Forgery to Survey RenamingEPSS 0.1%CVE-2026-8427LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file removeFavoriteFolder($id)EPSS 0.1%CVE-2026-8413LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/designEPSS 0.1%CVE-2026-8411LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/deleteEPSS 0.1%CVE-2025-62112MEDIUMWordPress Import into Easy Property Listings plugin <= 2.2.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2018-25190MEDIUMEasyndexer 1.0 Cross-Site Request Forgery via createuser.phpEPSS 0.1%