Fallos del tipo CWE-352

5743 resultados
CVE-2025-6055MEDIUMZen Sticky Social <= 0.3 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2026-41663LOWAdmidio: CSRF on Admin Preferences Triggers Unauthorized Backup, .htaccess Write, and Email SendEPSS 0.1%CVE-2025-64226MEDIUMWordPress Stockie Extra plugin <= 1.2.11 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-64290MEDIUMWordPress Premmerce Product Search for WooCommerce plugin <= 2.2.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-64201MEDIUMWordPress PowerPress Podcasting plugin <= 11.13.12 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-6053MEDIUMZuppler Online Ordering <= 2.1.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2026-22880MEDIUMMobile SSO authentication flow allows credential theft via malicious serverEPSS 0.1%CVE-2025-6063MEDIUMXiSearch bar <= 2.6 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-5926MEDIUMLink Shield <= 0.5.4 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-14462MEDIUMLucky Draw Contests <= 4.2 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%CVE-2025-48144HIGHWordPress Import Export For WooCommerce plugin <= 1.6.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-49453HIGHWordPress BP Profile as Homepage plugin <= 1.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-14620MEDIUMwebpack-dev-server vulnerable to cross-site request forgery via internal developer endpointsEPSS 0.1%CVE-2025-49425HIGHWordPress Konami Easter Egg plugin <= v0.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-53332HIGHWordPress Track Everything plugin <= 2.0.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-60075HIGHWordPress hpb seo plugin for WordPress plugin <= 3.0.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2018-25151MEDIUMEcessa WANWorx WVR-30 < 10.7.4 Cross-Site Request Forgery via User ConfigurationEPSS 0.1%CVE-2025-46512HIGHWordPress Custom Functions Plugin plugin <= 1.1 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-48114HIGHWordPress ShayanWeb Admin FontChanger plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-55745MEDIUMCotonti CSRF in PFS folder edit allows unauthorized folder modificationEPSS 0.1%