Fallos del tipo CWE-352

5740 resultados
CVE-2026-27659MEDIUMCSRF vulnerability in UpdateAccessControlPolicyActiveStatus endpointEPSS 0.1%CVE-2025-31460HIGHWordPress OmniLeads Scripts and Tags Manager plugin <= 1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31922HIGHWordPress CSS3 Accordions for WordPress plugin <= 3.0 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-54702MEDIUMWordPress Ebook Store Plugin plugin <= 5.8013 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-62886HIGHWordPress Pricing Table builder plugin <= 1.5.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31443HIGHWordPress KK I Like It plugin <= 1.7.5.3 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31435HIGHWordPress Microblog Poster plugin <= 2.1.6 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-31459HIGHWordPress Login Alert plugin <= 0.2.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-14976MEDIUMUser Registration & Membership <= 4.4.8 - Cross-Site Request Forgery to Arbitrary Post DeletionEPSS 0.1%CVE-2026-34382MEDIUMAdmidio: Missing CSRF Protection on Custom List Deletion in mylist_function.phpEPSS 0.1%CVE-2026-39632MEDIUMWordPress Grand Blog theme <= 3.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-13365MEDIUMWP Hallo Welt <= 1.4. - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-54703MEDIUMWordPress Integrate Google Drive plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31444HIGHWordPress ShowTime Slideshow plugin <= 1.6 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-62005HIGHWordPress SUMO Memberships for WooCommerce plugin < 7.8.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31613HIGHWordPress AB Google Map Travel plugin <= 4.6 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-12188MEDIUMPosts Navigation Links for Sections and Headings - Free by WP Masters <= 1.0.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-12132MEDIUMWP Custom Admin Login Page Logo <= 1.4.8.4 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-12072MEDIUMDisable Content Editor For Specific Template <= 2.0 - Cross-Site Request Forgery to Template Configuration UpdateEPSS 0.1%CVE-2026-34896HIGHWordPress Under Construction, Coming Soon & Maintenance Mode plugin <= 2.1.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%