Fallos del tipo CWE-352
5711 resultadosCVE-2025-24223HIGHThe issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOEPSS 0.3%CVE-2024-48913MEDIUMHono vulnerable to bypass of CSRF Middleware by a request without Content-Type header.EPSS 0.3%CVE-2022-33201MEDIUMWordPress MailerLite – Signup forms (official) plugin <= 1.5.7 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2023-2717MEDIUMGroundhogg <= 2.7.9.8 - Cross-Site Request Forgery to Disable All PluginsEPSS 0.3%CVE-2023-23993MEDIUMWordPress IP Blocker Lite Plugin <= 11.1.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-34025MEDIUMWordPress LWS Hide Login Plugin <= 2.1.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-24395MEDIUMWordPress Contact Form 7 Redirect & Thank You Page Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-31088MEDIUMWordPress Floating Action Button Plugin <=1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-0830MEDIUMComments Extra Fields For Post,Pages and CPT <= 5.0 - Cross-Site Request ForgeryEPSS 0.3%CVE-2023-26542MEDIUMWordPress phpinfo() WP Plugin <= 4.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-34169MEDIUMWordPress TS Webfonts for さくらのレンタルサーバ Plugin <= 3.1.2 is vulnerable to Broken Access ControlEPSS 0.3%CVE-2023-27445MEDIUMWordPress Blog Floating Button Plugin <= 1.4.12 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-28995MEDIUMWordPress Configurable Tag Cloud Plugin <= 5.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-22715HIGHStupid Simple CMS <=1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin-edit.php.EPSS 0.3%CVE-2023-30478MEDIUMWordPress Newsletters Plugin <= 4.8.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-34002MEDIUMWordPress WP Inventory Manager Plugin <= 2.1.0.13 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-1642MEDIUMMainWP Dashboard <= 4.6.0.1 - Cross-Site Request Forgery via posting_bulkEPSS 0.3%CVE-2024-26349MEDIUMflusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_translation.phpEPSS 0.3%CVE-2023-24405MEDIUMWordPress Contact Form 7 – PayPal & Stripe Add-on Plugin <= 1.9.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-32745MEDIUMWordPress AutomateWoo Plugin <= 5.7.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%