Falhas do tipo CWE-352

5.719 resultados
CVE-2023-25706MEDIUMWordPress Robots.txt optimization plugin <= 1.4.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-35047MEDIUMWordPress All Bootstrap Blocks Plugin <= 1.3.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2019-20460HIGHAn issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. POST requests don't require (anti-)CSRF tokens or other mechaniEPSS 0.2%CVE-2026-6293MEDIUMInquiry form to posts or pages <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'inq_header' ParameterEPSS 0.2%CVE-2025-5885MEDIUMKonica Minolta bizhub cross-site request forgeryEPSS 0.2%CVE-2024-4344MEDIUMShield Security – Smart Bot Blocking & Intrusion Prevention Security <= 19.1.13 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-28430MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/catalog_edit.php.EPSS 0.2%CVE-2024-23597MEDIUMCross-site request forgery (CSRF) vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unEPSS 0.2%CVE-2026-42073MEDIUMOpenClaude's MCP OAuth Callback: State Check Bypass via error Param Leads to DoSEPSS 0.2%CVE-2024-5804MEDIUMConditional Fields for Contact Form 7 <= 2.4.13 - Cross-Site Request Forgery to Plugin Setting ResetEPSS 0.2%CVE-2022-50804MEDIUMJM-DATA ONU JF511-TV 1.0.67 Cross-Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2024-54356MEDIUMWordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-5982MEDIUMUpdraftPlus <= 1.23.10 - Cross-Site Request Forgery to Google Drive Storage UpdateEPSS 0.2%CVE-2024-2951MEDIUMWordPress RegistrationMagic plugin <= 5.3.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-8476MEDIUMEasy PayPal Events <= 1.2.1 - Cross-Site Request Forgery to Arbitrary Post DeletionEPSS 0.2%CVE-2023-35877HIGHWordPress Extra User Details Plugin <= 0.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-55945MEDIUMCross-Site Request Forgery in DB Check Module in TYPO3EPSS 0.2%CVE-2023-34029MEDIUMWordPress Disable WordPress Update Notifications Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-7834MEDIUMPHPGurukul Complaint Management System cross-site request forgeryEPSS 0.2%CVE-2023-24417MEDIUMWordPress Worthy – VG WORT Integration für WordPress Plugin <= 1.6.5-6497609 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%