Fallos del tipo CWE-352

5744 resultados
CVE-2025-62871MEDIUMWordPress Just TinyMCE Custom Styles plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-67473MEDIUMWordPress CWW Companion plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-58999MEDIUMWordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin <= 1.25 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62866MEDIUMWordPress Auto Alt Text plugin <= 2.5.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62102MEDIUMWordPress DoFollow Case by Case plugin <= 3.5.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-64239MEDIUMWordPress RTL Tester plugin <= 1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-64256MEDIUMWordPress Simple Folio plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-64240MEDIUMWordPress Freshchat plugin <= 2.3.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62733MEDIUMWordPress Custom Sidebars by ProteusThemes plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-67465MEDIUMWordPress Simple Link Directory plugin <= 8.8.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-29521MEDIUMHereta ETH-IMC408M CSRF via Configuration SetupEPSS 0.1%CVE-2026-57306MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins Zowe zDevOps Plugin 1.1.3.50.ve350c9b_450b_1 and earlier allows attackers to coEPSS 0.1%CVE-2026-45610MEDIUMWWBN AVideo plugin/LoginControl/set.json.php: 2FA toggle endpoint has no CSRF protection, letting an attacker page silently disable a logged-in victim's 2FAEPSS 0.1%CVE-2025-66906MEDIUMCross Site Request Forgery (CSRF) vulnerability in Turms Admin API thru v0.10.0-SNAPSHOT allows attackers to gain escalated privileges.EPSS 0.1%CVE-2026-0493MEDIUMCross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (Intercompany Balance Reconciliation)EPSS 0.1%CVE-2025-64368MEDIUMWordPress Bard theme <= 1.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-4393MEDIUMAutomated Logout - Moderately critical - Cross-site request forgery - SA-CONTRIB-2026-030EPSS 0.1%CVE-2026-48925MEDIUMA cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Integration Plugin 0.7.3 and earlier allows attackers to attackers to trEPSS 0.1%CVE-2024-23737MEDIUMCross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Jira allows attackers to allows attackers to manipulaEPSS 0.1%CVE-2023-52212MEDIUMWordPress WP Job Manager plugin <= 2.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%