Fallos del tipo CWE-352
5711 resultadosCVE-2023-34171MEDIUMWordPress WP Report Post Plugin <= 2.1.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-23993MEDIUMWordPress IP Blocker Lite Plugin <= 11.1.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-24395MEDIUMWordPress Contact Form 7 Redirect & Thank You Page Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2022-33201MEDIUMWordPress MailerLite – Signup forms (official) plugin <= 1.5.7 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2023-32794MEDIUMWordPress WooCommerce Product Add-ons Plugin <= 6.1.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-24405MEDIUMWordPress Contact Form 7 – PayPal & Stripe Add-on Plugin <= 1.9.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-27445MEDIUMWordPress Blog Floating Button Plugin <= 1.4.12 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-30478MEDIUMWordPress Newsletters Plugin <= 4.8.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-1870MEDIUMYourChannel <= 1.2.4 - Cross-Site Request Forgery to Plugin Language Translation UpdateEPSS 0.3%CVE-2023-3627HIGHCross-Site Request Forgery (CSRF) in salesagility/suitecrm-coreEPSS 0.3%CVE-2023-1867MEDIUMYourChannel <= 1.2.4 - Cross-Site Request Forgery to Plugin Settings ChangeEPSS 0.3%CVE-2023-47578HIGHRelyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF EPSS 0.3%CVE-2022-2375—WP Sticky Button < 1.4.1 - Unauthenticated Arbitrary Settings Update to Stored XSSEPSS 0.3%CVE-2021-29334HIGHAn issue was discovered in JIZHI CMS 1.9.4. There is a CSRF vulnerability that can add an admin account via index, /admin.php/Admin/adminaddEPSS 0.3%CVE-2024-45538CRITICALCross-Site Request Forgery (CSRF) vulnerability in WebAPI Framework in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-728EPSS 0.3%CVE-2024-55076HIGHGrocy through 4.3.0 has no CSRF protection, as demonstrated by changing the Administrator's password.EPSS 0.3%CVE-2023-26514MEDIUMWordPress XML Sitemap Generator for Google Plugin <= 1.3.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-26531MEDIUMWordPress 多合一搜索自动推送管理插件-支持Baidu/Google/Bing/IndexNow/Yandex/头条 Plugin <= 4.2.7 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-35009HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=&fEPSS 0.3%CVE-2023-28420MEDIUMWordPress Custom Options Plus Plugin <= 1.8.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%