Falhas do tipo CWE-352

5.721 resultados
CVE-2025-49462LOWZoom Clients - Cross-site ScriptingEPSS 0.2%CVE-2024-42625MEDIUMFrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/layout/addEPSS 0.2%CVE-2025-31005MEDIUMWordPress Easyfonts plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-30783HIGHWordPress WP Google Review Slider plugin <= 16.0 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2024-30468MEDIUMWordPress All-In-One Security (AIOS) – Security and Firewall plugin <= 5.2.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32450MEDIUMWordPress WpTravelly plugin <= 1.6.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-46600MEDIUMdingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/doAdminAction.php?act=delCate&id=31EPSS 0.2%CVE-2024-30455MEDIUMWordPress GamiPress plugin <= 6.8.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32084MEDIUMWordPress Before And After plugin <= 3.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-46786CRITICALVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that EPSS 0.2%CVE-2024-42629MEDIUMFrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/page/edit/10.EPSS 0.2%CVE-2018-25310MEDIUMVideoFlow Digital Video Protection DVP 2.10 - Authenticated Remote Code ExecutionEPSS 0.2%CVE-2024-42056MEDIUMRetool (self-hosted enterprise) through 3.40.0 inserts resource authentication credentials into sent data. Credentials for users with "Use" EPSS 0.2%CVE-2024-38790MEDIUMWordPress Smartsupp plugin <= 3.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-47315MEDIUMWordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 3.15.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-10521MEDIUMWordPress Contact Forms by Cimatti <= 1.9.2 - Cross-Site Request Forgery via process_bulk_action FunctionEPSS 0.2%CVE-2026-1153MEDIUMtechnical-laohu mpay cross-site request forgeryEPSS 0.2%CVE-2025-32248MEDIUMWordPress SwiftXR (3D/AR/VR) Viewer plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32448MEDIUMWordPress Ads.txt Admin plugin <= 1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-32436MEDIUMWordPress Gift Cards plugin <= 4.4.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%