Falhas do tipo CWE-352

5.719 resultados
CVE-2023-51683MEDIUMWordPress Easy PayPal Buy Now Button Plugin <= 1.8.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-35772MEDIUMWordPress Hueman theme <= 3.7.24 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-25706MEDIUMWordPress Robots.txt optimization plugin <= 1.4.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-43927MEDIUMWordPress Email Address Encoder plugin <= 1.0.23 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-57310HIGHA Cross-Site Request Forgery (CSRF) vulnerability in Salmen2/Simple-Faucet-Script v1.07 via crafted POST request to admin.php?p=ads&c=1 alloEPSS 0.2%CVE-2024-24843HIGHWordPress PowerPack Pro for Elementor Plugin < 2.10.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-35778MEDIUMWordPress Recent Posts Slider Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-26445MEDIUMflusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_place.phpEPSS 0.2%CVE-2023-34185MEDIUMWordPress NextGen GalleryView Plugin <= 0.5.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-37503MEDIUMWordPress Lawyer Landing Page theme <= 1.2.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-47550HIGHWordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS)EPSS 0.2%CVE-2024-31113MEDIUMWordPress Easy Digital Downloads plugin <= 3.2.11 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-4218MEDIUMAffiEasy <= 1.1.6 - Cross-Site Request Forgery to Various ActionsEPSS 0.2%CVE-2024-12774MEDIUMAltra Side Menu <= 2.0 - Abitrary Menu Deletion via CSRFEPSS 0.2%CVE-2024-37937MEDIUMWordPress Rara Business theme <= 1.2.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-1503MEDIUMTutor LMS – eLearning and online course solution <= 2.6.1 - Cross-Site Request Forgery to Plugin Deactivation and Data EraseEPSS 0.2%CVE-2023-35780MEDIUMWordPress Galleria Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-45228LOWDragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page.EPSS 0.2%CVE-2024-49674CRITICALWordPress EKC Tournament Manager plugin <= 2.2.1 - CSRF to Arbitrary File Upload vulnerabilityEPSS 0.2%CVE-2023-35047MEDIUMWordPress All Bootstrap Blocks Plugin <= 1.3.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%