Fallos del tipo CWE-352
5711 resultadosCVE-2024-47359MEDIUMWordPress Depicter plugin <= 3.2.2 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2023-41129MEDIUMWordPress Patreon WordPress Plugin <= 1.8.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-47519MEDIUMWordPress WooCommerce Product Table Lite Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-2279MEDIUMWP Directory Kit <= 1.2.1 - Cross-Site Request Forgery to Plugin Settings Change/Delete, Demo Import, Directory Kit Modification/Deletion via admin_page_displayEPSS 0.3%CVE-2023-23473MEDIUMIBM InfoSphere Information Server cross-site request forgeryEPSS 0.3%CVE-2022-36388MEDIUMWordPress YDS Support Ticket System plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2022-41136MEDIUMWordPress Shortcodes Ultimate plugin <= 5.12.0 - CSRF vulnerability leading to Stored XSSEPSS 0.3%CVE-2023-2303MEDIUMContact Form and Calls To Action by vcita <= 4.10.5 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.3%CVE-2022-47164MEDIUMWordPress Event Manager for WooCommerce Plugin <= 3.7.7 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2022-37411MEDIUMWordPress Captcha Code plugin <= 2.7 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2022-44741MEDIUMWordPress Testimonial Slider plugin <= 1.3.1 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.3%CVE-2022-25608MEDIUMWordPress Yoo Slider – Image Slider & Video Slider plugin <= 2.0.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to slider Duplicate/DeleteEPSS 0.3%CVE-2025-1074MEDIUMWebkul QloApps URL mylogout cross-site request forgeryEPSS 0.3%CVE-2022-30357CRITICALOvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request to /profile/updateProfile via the userId anEPSS 0.3%CVE-2022-0642—JivoChat < 1.3.5.4 - Stored Cross-Site Scripting via CSRFEPSS 0.3%CVE-2022-1780—LaTeX for WordPress <= 3.4.10 - Arbitrary Settings Update via CSRF to Stored XSSEPSS 0.3%CVE-2024-3142MEDIUMClavister E10/E80 Setting cross-site request forgeryEPSS 0.3%CVE-2022-1764—WP-chgFontSize <= 1.8 - Arbitrary Settings Update via CSRF to Stored XSSEPSS 0.3%CVE-2022-1781—postTabs <= 2.10.6 - Arbitrary Settings Update via CSRF to Stored XSSEPSS 0.3%CVE-2023-5776MEDIUMPost Meta Data Manager <= 1.2.1 - Cross-Site Request Forgery to Post, Term, and User Meta DeletionEPSS 0.3%