Falhas do tipo CWE-352

5.719 resultados
CVE-2024-2951MEDIUMWordPress RegistrationMagic plugin <= 5.3.0.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-20228MEDIUMMaintenance mode state change of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF) in Splunk EnterpriseEPSS 0.2%CVE-2023-6197MEDIUMAudio Merchant <= 5.0.4 - Cross-Site Request Forgery to Settings Modifcation and Stored Cross-Site ScriptingEPSS 0.2%CVE-2024-24706MEDIUMWordPress WP-CFM Plugin <= 1.7.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-35877HIGHWordPress Extra User Details Plugin <= 0.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-8980CRITICALThe Script Console in Liferay Portal 7.0.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA EPSS 0.2%CVE-2025-6476MEDIUMSourceCodester Gym Management System cross-site request forgeryEPSS 0.2%CVE-2024-54307MEDIUMWordPress AIcomments plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-54300MEDIUMWordPress AutoWP plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-25443MEDIUMWordPress Button Generator – easily Button Builder Plugin <= 2.3.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2021-36855MEDIUMWordPress Booking Ultra Pro plugin <= 1.1.4 - Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-34029MEDIUMWordPress Disable WordPress Update Notifications Plugin <= 2.3.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-12220MEDIUMSMS for WooCommerce <= 2.8.1 - Cross-Site Request Forgery to Reflected Cross-Site ScriptingEPSS 0.2%CVE-2023-7203MEDIUMSmart Forms < 2.6.87 - Subscriber+ Arbitrary Entry DeletionEPSS 0.2%CVE-2024-35555MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=neEPSS 0.2%CVE-2025-7133MEDIUMCodeAstro Online Movie Ticket Booking System cross-site request forgeryEPSS 0.2%CVE-2022-42880MEDIUMWordPress Auto Upload Images Plugin <= 3.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-32101MEDIUMWordPress Email Marketing for WooCommerce plugin <= 1.14.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-44236MEDIUMWordPress WP Captcha Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-44475MEDIUMWordPress Add Shortcodes Actions And Filters Plugin <= 2.0.9 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%