Falhas do tipo CWE-352
5.720 resultadosCVE-2025-13177MEDIUMBdtask/CodeCanyon SalesERP cross-site request forgeryEPSS 0.2%CVE-2023-45267MEDIUMWordPress IRivYou Plugin <= 2.2.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-41850MEDIUMWordPress Outbound Link Manager Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-24935MEDIUMWordPress Basic Log Viewer Plugin <= 1.0.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45643MEDIUMWordPress CPT Shortcode Generator Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-25692MEDIUMBUG-000154722 - Cross-site request forgery (CSRF) issue in Portal for ArcGISEPSS 0.2%CVE-2023-46085MEDIUMWordPress Wp Ultimate Review Plugin <= 2.2.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-41131MEDIUMWordPress Sp*tify Play Button for WordPress Plugin <= 2.10 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-25036MEDIUMWordPress Social Media Icons Widget Plugin <= 1.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-3083HIGHA “CWE-352: Cross-Site Request Forgery (CSRF)” can be exploited by remote attackers to perform state-changing operations with administrativeEPSS 0.2%CVE-2022-47172MEDIUMWordPress WooLentor Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-5532MEDIUMImageMapper <= 1.2.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting via imgmap_save_area_titleEPSS 0.2%CVE-2023-45268MEDIUMWordPress Hitsteps Web Analytics Plugin <= 5.86 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2022-47169MEDIUMWordPress Visibility Logic for Elementor Plugin <= 2.3.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-41876MEDIUMWordPress WP Gallery Metabox Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-8489HIGHCSRF due to overly permissive CORS headers in modelscope/agentscopeEPSS 0.2%CVE-2026-32989HIGHPrecurio Intranet Portal 4.4: Cross-Site Request Forgery leading to arbitrary file uploadEPSS 0.2%CVE-2025-24738MEDIUMWordPress Call Now Button plugin <= 1.4.13 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-37891MEDIUMWordPress Exit Popups & Onsite Retargeting by OptiMonk Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45651MEDIUMWordPress WP Attachments Plugin <= 5.0.11 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%