CWE-352 vulnerabilities
5,677 results

CVE-2022-1599 | — | Admin Management Xtended < 2.4.5 - Post Visibility/Date/Comment Status Update via CSRF | EPSS 0.6%
CVE-2021-36443 | HIGH | Cross Site Request Forgery vulnerability in imcat 5.4 allows remote attackers to escalate privilege via lack of token verification. | EPSS 0.6%
CVE-2021-32730 | MEDIUM | No CSRF protection on the password change form | EPSS 0.6%
CVE-2021-24704 | — | Orange Form <= 1.0 - SQL Injection via CSRF | EPSS 0.6%
CVE-2022-1611 | — | Bulk Page Creator < 1.1.4 - Arbitrary Page Creation via CSRF | EPSS 0.6%
CVE-2021-41274 | CRITICAL | Authentication Bypass by CSRF Weakness | EPSS 0.6%
CVE-2022-1765 | — | Hot Linked Image Cacher <= 1.16 - Image upload/cache abuse via CSRF | EPSS 0.6%
CVE-2021-43353 | HIGH | Crisp Live Chat <= 0.31 Cross-Site Request Forgery to Stored Cross-Site Scripting | EPSS 0.6%
CVE-2024-48962 | HIGH | Apache OFBiz: Bypass SameSite restrictions with target redirection using URL parameters (SSTI and CSRF leading to RCE) | EPSS 0.6%
CVE-2021-43559 | — | A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related b | EPSS 0.6%
CVE-2022-0335 | — | A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge ali | EPSS 0.6%
CVE-2024-6317 | HIGH | Generate PDF using Contact Form 7 <= 4.1.2 - Cross-Site Request Forgery to Arbitrary File Deletion | EPSS 0.6%
CVE-2021-42364 | HIGH | Stetic <= 1.0.6 Cross-Site Request Forgery to Stored Cross-Site Scripting | EPSS 0.6%
CVE-2021-34636 | HIGH | Countdown and CountUp, WooCommerce Sales Timer <= 1.5.7 Cross-Site Request Forgery to Stored Cross-Site Scripting | EPSS 0.6%
CVE-2021-42358 | HIGH | Contact Form With Captcha <= 1.6.2 Cross-Site Request Forgery to Reflected Cross-Site Scripting | EPSS 0.6%
CVE-2024-20255 | HIGH | A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, | EPSS 0.6%
CVE-2021-24879 | — | SupportCandy < 2.2.7 - CSRF to Cross-Site Scripting | EPSS 0.6%
CVE-2021-25010 | — | Post Snippets < 3.1.4 - CSRF to Stored Cross-Site Scripting | EPSS 0.6%
CVE-2022-0770 | — | Translate WordPress with GTranslate < 2.9.9 - CSRF to Account Takeover | EPSS 0.6%
CVE-2020-36505 | — | Delete All Comments Easily <= 1.3 - All Comments Deletion via CSRF | EPSS 0.6%