Fallos del tipo CWE-352
5740 resultadosCVE-2025-13924MEDIUMAdvanced Product Fields (Product Addons) for WooCommerce <= 1.6.17 - Cross-Site Request Forgery to Product Field Group Duplication and PublicationEPSS 0.1%CVE-2025-23978HIGHWordPress FlashCounter plugin <= 1.1.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2024-55271LOWA Cross-Site Request Forgery (CSRF) vulnerability has been identified in phpgurukul Gym Management System 1.0. This issue is present in the EPSS 0.1%CVE-2025-13737MEDIUMNextend Social Login and Register <= 3.1.21 - Cross-Site Request Forgery to Unlink User Social LoginEPSS 0.1%CVE-2025-26569HIGHWordPress Post Thumbs Plugin <= 1.5 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-54969MEDIUMAn issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service does not implement CSRF protections. An attacker wEPSS 0.1%CVE-2025-26562HIGHWordPress RSS FIlter Plugin <= 1.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.1%CVE-2025-23977HIGHWordPress Post Carousel Slider plugin <= 2.0.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-13360MEDIUMQuantic Social Image Hover <= 1.0.8 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-13362MEDIUMNorby AI <= 1.0.3 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-62891MEDIUMWordPress Off-Canvas Sidebars & Menus (Slidebars) plugin <= 0.5.8.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-47674MEDIUMWordPress Credova_Financial plugin <= 2.5.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-49439MEDIUMWordPress Atelier Create CV plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.1%CVE-2025-49332MEDIUMWordPress WP Time Slots Booking Form plugin <= 1.2.30 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-1673MEDIUMBEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net <= 1.1.5 - Cross-Site Request Forgery to Taxonomy Term DeletionEPSS 0.1%CVE-2025-39351MEDIUMWordPress Grand Restaurant WordPress theme <= 7.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-47681MEDIUMWordPress Web Accessibility with Max Access plugin <= 2.0.9 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-9599MEDIUMTectite Forms <= 1.3 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-39371MEDIUMWordPress Author Box Plugin With Different Description plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-4143MEDIUMNeos Connector for Fakturama <= 0.0.14 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%