Falhas do tipo CWE-352

5.723 resultados
CVE-2025-24696MEDIUMWordPress Gutenberg Blocks and Page Layouts Plugin <= 1.9.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-27910HIGHtianti v2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /user/ajax/upd/status. This vulnerability allowsEPSS 0.2%CVE-2025-27012HIGHWordPress A1POST.BG Shipping for Woo plugin <= 1.5 - CSRF to Privilege Escalation vulnerabilityEPSS 0.2%CVE-2024-52451HIGHWordPress Post Ideas plugin <= 2 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2025-7690MEDIUMAffiliate Plus <= 1.3.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2025-32547HIGHWordPress All push notification for WP Plugin <= 1.5.3 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2023-50886MEDIUMWordPress Legal Pages plugin <= 1.3.7 - CSRF + Broken Access Control vulnerabilityEPSS 0.2%CVE-2024-4100MEDIUMPricing Table <= 2.0.1 - Cross-Site Request Forgery via ajax()EPSS 0.2%CVE-2024-41795MEDIUMA vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web interface of affected devices is vulnerable EPSS 0.2%CVE-2024-28429MEDIUMDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/archives_do.phpEPSS 0.2%CVE-2024-12554MEDIUMPeter’s Custom Anti-Spam <= 3.2.3 - Cross-Site Request Forgery via cas_register_post FunctionEPSS 0.2%CVE-2024-32105MEDIUMWordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-24568MEDIUMWordPress Starter Templates plugin <= 4.4.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-39155MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ipRecord_deal.php?mudi=add.EPSS 0.2%CVE-2026-12158HIGHRegistrationMagic <= 6.0.9.1 - Cross-Site Request Forgery to Privilege Escalation via 'rmc_assign_user_role_action' ParameterEPSS 0.2%CVE-2023-31174HIGHCross-Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-0669HIGHBOINC Server Cross-Site Request ForgeryEPSS 0.2%CVE-2023-46201HIGHWordPress Auto Login New User After Registration Plugin <= 1.9.6 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-37992MEDIUMWordPress Smarty for WordPress Plugin <= 3.1.35 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2018-25176HIGHAlive Parish 2.0.4 SQL Injection and Arbitrary File UploadEPSS 0.2%