Fallos del tipo CWE-352
5740 resultadosCVE-2025-64262MEDIUMWordPress Auto Prune Posts plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-57659HIGHWordPress Paid Memberships Pro - Add Member From Admin plugin <= 0.7.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62112MEDIUMWordPress Import into Easy Property Listings plugin <= 2.2.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2019-25447MEDIUMOrientDB 3.0.17 Cross-Site Request ForgeryEPSS 0.1%CVE-2025-48233HIGHWordPress Affiliates Manager Google reCAPTCHA Integration plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-8412LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/cacheEPSS 0.1%CVE-2026-8414LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicateEPSS 0.1%CVE-2026-8415LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/express/association/reorderEPSS 0.1%CVE-2022-50955MEDIUMWordPress Plugin Curtain 1.0.2 Cross-site Request ForgeryEPSS 0.1%CVE-2025-13194MEDIUMSurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity <= 2.5.2 - Cross-Site Request Forgery to Survey RenamingEPSS 0.1%CVE-2026-8433LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan()EPSS 0.1%CVE-2026-32816MEDIUMAdmidio has Missing CSRF Validation on Role Delete, Activate, and Deactivate ActionsEPSS 0.1%CVE-2018-25190MEDIUMEasyndexer 1.0 Cross-Site Request Forgery via createuser.phpEPSS 0.1%CVE-2025-24749HIGHWordPress EZPZ SAML SP Single Sign On (SSO) plugin <= 1.2.5 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2019-25313MEDIUMFlexNet Publisher 11.12.1 - Cross-Site Request Forgery (Add Local Admin)EPSS 0.1%CVE-2026-8432LOWConcrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file star()EPSS 0.1%CVE-2025-46510HIGHWordPress Contact Form 7 Calendar plugin <= 3.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-13140MEDIUMSurveyJS: Drag & Drop WordPress Form Builder <= 1.12.20 - Cross-Site Request Forgery to Survey DeletionEPSS 0.1%CVE-2025-12373MEDIUMTorod – The smart shipping and delivery portal for e-shops and retailers <= 1.9 - Cross-Site Request Forgery To Plugin's Settings ModificationEPSS 0.1%CVE-2025-13143MEDIUMPoll, Survey & Quiz Maker Plugin by Opinion Stage <= 19.12.0 - Cross-Site Request Forgery to Account DisconnectionEPSS 0.1%