Falhas do tipo CWE-352
5.721 resultadosCVE-2023-31218HIGHWordPress WOLF Plugin <= 1.0.6 is vulnerable to CSRF leading to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-4091MEDIUMOPEN-BRAIN <= 0.5.0 - Cross-Site Request ForgeryEPSS 0.2%CVE-2023-7048LOWMy Sticky Bar <= 2.6.6 - Cross-Site Request Forgery to Sensitive Information ExposureEPSS 0.2%CVE-2025-11087HIGHZegen Core <= 2.0.1 - Cross-Site Request Forgery to Arbitrary File UploadEPSS 0.2%CVE-2024-35551MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoWeb_deal.php?mudi=add.EPSS 0.2%CVE-2020-10734—A vulnerability was found in keycloak in the way that the OIDC logout endpoint does not have CSRF protection. Versions shipped with Red Hat EPSS 0.2%CVE-2025-31034MEDIUMWordPress Customize Login Page plugin <= 1.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2022-36404MEDIUMWordPress Simple SEO plugin <= 1.8.12 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2023-41730MEDIUMWordPress SendPress Newsletters Plugin <= 1.22.3.31 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-2959MEDIUMSVS Pricing Tables <= 1.0.4 - Cross-Site Request Forgery to Pricing Table Edit/CreationEPSS 0.2%CVE-2024-33638MEDIUMWordPress Smart Maintenance Mode plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-25907HIGHtianti v2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /user/ajax/save. This vulnerability allows attacEPSS 0.2%CVE-2024-2960MEDIUMSVS Pricing Tables <= 1.0.4 - Cross-Site Request Forgery to Pricing Table DeletionEPSS 0.2%CVE-2025-15405MEDIUMPHPEMS cross-site request forgeryEPSS 0.2%CVE-2024-33632MEDIUMWordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2023-46067MEDIUMWordPress Rocket Font Plugin <= 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-4628MEDIUMLadiApp <= 4.4 - Cross-Site Request Forgery via ladiflow_save_hook()EPSS 0.2%CVE-2023-46777MEDIUMWordPress Feather Login Page Plugin <= 1.1.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-41853MEDIUMWordPress WP iCal Availability Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45108MEDIUMWordPress Mailrelay Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%