Fallos del tipo CWE-352
5740 resultadosCVE-2025-8481MEDIUMBlog Designer For Elementor – Post Slider, Post Carousel, Post Grid <= 1.1.7 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-10301MEDIUMFunKItools <= 1.0.2 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-25015MEDIUMWordPress UsersWP plugin <= 1.2.53 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-9618MEDIUMRelated Posts Lite <= 1.12 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-9897MEDIUMAP Background <= 3.8.2 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-64760MEDIUMTuleap has missing CSRF protections in its tracker trigger management systemEPSS 0.1%CVE-2025-10312MEDIUMTheme Importer <= 1.0 - Cross-Site Request ForgeryEPSS 0.1%CVE-2026-1377MEDIUMimwptip <= 1.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-8904MEDIUMFastPicker, an order picker and order management system (oms) for WooCommerce on steroids <= 1.0.2 - Cross-Site Request Forgery via Settings SaveEPSS 0.1%CVE-2025-13621MEDIUMdream gallery <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'dreampluginsmain' AJAX ActionEPSS 0.1%CVE-2026-1983MEDIUMSEATT: Simple Event Attendance <= 1.5.0 - Cross-Site Request Forgery to Arbitrary Event DeletionEPSS 0.1%CVE-2025-11976MEDIUMFuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) <= 1.1.23.0 - Cross-Site Request Forgery to Sync Rule CreationEPSS 0.1%CVE-2025-10376MEDIUMCourse Redirects for Learndash Plugin <= 0.4 - Cross-Site Request ForgeryEPSS 0.1%CVE-2026-57723HIGHWordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.12 - CSRF to Arbitrary File Deletion vulnerabilityEPSS 0.1%CVE-2025-47684MEDIUMWordPress Smaily for WP plugin <= 3.1.7 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-8902MEDIUMAJAX Report Comments <= 2.0.4 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-13521MEDIUMWP Status Notifier <= 1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-1508MEDIUMCourt Reservation < 1.10.9 - Event Deletion via CSRFEPSS 0.1%CVE-2025-9894MEDIUMSync Feedly <= 1.0.1 - Cross-Site Request Forgery to Sync TriggerEPSS 0.1%CVE-2026-45773MEDIUMTurborepo: Login callback CSRF/session fixationEPSS 0.1%