Fallos del tipo CWE-352
5740 resultadosCVE-2025-55041HIGHMuraCMS through 10.1.10 contains a CSRF vulnerability in the Add To Group functionality for user management (cUsers.cfc addToGroup method) tEPSS 0.1%CVE-2025-47674MEDIUMWordPress Credova_Financial plugin <= 2.5.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-54042MEDIUMWordPress WP Post Hide plugin <= 1.0.9 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-54030MEDIUMWordPress WooCommerce Google Sheet Connector plugin <= 1.3.20 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-48115MEDIUMWordPress ValidateCertify plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-42289HIGHChurchCRM: Cross-Site Request Forgery (CSRF) Leading to Admin Privilege EscalationEPSS 0.1%CVE-2026-11775MEDIUMUser Admin Simplifier <= 3.0.0 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-48264MEDIUMWordPress Product Code for WooCommerce plugin <= 1.5.0 - CSRF to Database Update vulnerabilityEPSS 0.1%CVE-2025-55044HIGHThe Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to restore deleted content from the trash to unauthorized lEPSS 0.1%CVE-2026-9236MEDIUMCM Ad Changer <= 2.0.7 - Cross-Site Request Forgery to Campaign Deletion via Campaign ManagementEPSS 0.1%CVE-2025-32281MEDIUMWordPress DarkMySite plugin <= 1.2.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-6700MEDIUMDX Sources <= 2.0.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-11997MEDIUMBulk SEO Image <= 1.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-8708MEDIUMGenzel breadcrumbs <= 1.2 - Cross-Site Request Forgery to Settings Update via Plugin Settings PageEPSS 0.1%CVE-2025-62891MEDIUMWordPress Off-Canvas Sidebars & Menus (Slidebars) plugin <= 0.5.8.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-9723MEDIUMGoogle Plus One Bottom <= 0.0.2 - Cross-Site Request Forgery to Plugin Settings Update via Settings PageEPSS 0.1%CVE-2025-49445MEDIUMWordPress Interactive UK Regional Map plugin <= 2.0 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.1%CVE-2026-8940MEDIUMWP Meta Sort Posts <= 0.9 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2025-49373MEDIUMWordPress Evergreen Content Poster plugin <= 1.4.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-57305MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Assembla Plugin 1.4 and earlier allows attackers to connect to an attacker-specEPSS 0.1%