Fallos del tipo CWE-352

5745 resultados
CVE-2026-39603MEDIUMWordPress Grand Photography theme <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-39634MEDIUMWordPress Grand Portfolio theme <= 3.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-32328MEDIUMWordPress Lemmony theme < 1.7.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-14399MEDIUMDownload Plugins and Themes from Dashboard <= 1.9.6 - Cross-Site Request Forgery to Bulk Plugin/Theme ArchivalEPSS 0.1%CVE-2026-3903MEDIUMModular Connector <= 2.5.1 - Cross-Site Request Forgery via postConfirmOauthEPSS 0.1%CVE-2026-25322MEDIUMWordPress PublishPress Revisions plugin <= 3.7.22 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-66061MEDIUMWordPress Seriously Simple Podcasting plugin <= 3.13.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-32420MEDIUMWordPress GamiPress plugin <= 7.6.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-68998MEDIUMWordPress Heateor Social Login plugin <= 1.1.39 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-53739MEDIUMYoast Duplicate Post through 4.6 Cross-Site Request Forgery via duplicate_post_dismiss_noticeEPSS 0.1%CVE-2026-25337MEDIUMWordPress Coachify theme <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-10684MEDIUMConstruction Light < 1.6.8 - Subscriber+ Arbitrary Plugin ActivationEPSS 0.1%CVE-2026-57690MEDIUMWordPress Werkstatt theme <= 4.7.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-34721MEDIUMZammad has Cross-site request forgery (CSRF) in OAuth callback endpointsEPSS 0.1%CVE-2026-9721MEDIUMBook a Room Event Calendar <= 1.9 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2024-9592MEDIUMEasy PayPal Gift Certificate <= 1.2.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting via wpppgc_plugin_optionsEPSS 0.1%CVE-2026-8340LOWConcrete CMS 9.5.0 and below is vulnerable to CSRF via Backend\File::approveVersionEPSS 0.1%CVE-2025-62986HIGHWordPress FanBridge signup plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-7841MEDIUMSertifier Certificate & Badge Maker for WordPress – Tutor LMS <= 1.19 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-67595MEDIUMWordPress Quiz Maker plugin <= 6.7.0.82 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%