Falhas do tipo CWE-352

5.721 resultados
CVE-2024-37212HIGHWordPress AliExpress Dropshipping with AliNext Lite plugin <= 3.3.5 - CSRF to PHP Object Injection vulnerabilityEPSS 0.2%CVE-2023-4629MEDIUMLadiApp <= 4.4 - Cross-Site Request Forgery via save_config()EPSS 0.2%CVE-2023-45108MEDIUMWordPress Mailrelay Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45836MEDIUMWordPress Ultimate Taxonomy Manager Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-46067MEDIUMWordPress Rocket Font Plugin <= 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-2326MEDIUMPretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin <= 3.6.3 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.2%CVE-2022-41263MEDIUMDue to a missing authentication check, SAP Business Objects Business Intelligence Platform (Web Intelligence) - versions 420, 430, allows anEPSS 0.2%CVE-2024-1943MEDIUMYuki <= 1.3.14 - Cross-Site Request Forgery to Theme Setting ResetEPSS 0.2%CVE-2023-41667MEDIUMWordPress WP-dTree Plugin <= 4.4.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-41853MEDIUMWordPress WP iCal Availability Plugin <= 1.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-4628MEDIUMLadiApp <= 4.4 - Cross-Site Request Forgery via ladiflow_save_hook()EPSS 0.2%CVE-2023-38398MEDIUMWordPress Taboola Plugin <= 2.0.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-46777MEDIUMWordPress Feather Login Page Plugin <= 1.1.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-45058MEDIUMWordPress Short URL Plugin <= 1.6.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-1335MEDIUMImageRecycle pdf & image compression <= 3.1.13 - Cross-Site Request Forgery to Settings Update in disableOptimizationEPSS 0.2%CVE-2025-31690HIGHCache Utility - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-019EPSS 0.2%CVE-2026-39371HIGHRedwoodSDK has a CSRF vulnerability in server function dispatch via GET requestsEPSS 0.2%CVE-2025-7202MEDIUMCross-Site Request Forgery (CSRF) allowed remote control of Elgato Key LightsEPSS 0.2%CVE-2023-52216MEDIUMWordPress JS & CSS Script Optimizer Plugin <= 0.3.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-32092MEDIUMWordPress Kimili Flash Embed plugin <= 2.5.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%