Falhas do tipo CWE-352
5.724 resultadosCVE-2023-41654MEDIUMWordPress authLdap Plugin <= 2.5.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-12386HIGHWP Abstracts <= 2.7.3 - Cross-Site Request Forgery to Arbitrary Account DeletionEPSS 0.2%CVE-2020-37054MEDIUMNavigate CMS 2.8.7 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-12414MEDIUMThemify Store Locator <= 1.1.9 - Cross-Site Request ForgeryEPSS 0.2%CVE-2023-31230HIGHWordPress Baidu Tongji generator Plugin <= 1.0.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-22942MEDIUMCross-Site Request Forgery in the ‘ssg/kvstore_client’ REST Endpoint in Splunk EnterpriseEPSS 0.2%CVE-2023-3589MEDIUMCross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022xEPSS 0.2%CVE-2024-20986MEDIUMVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected areEPSS 0.2%CVE-2024-31376MEDIUMWordPress Dashboard To-Do List plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37102MEDIUMWordPress Vilva theme <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-11265HIGHInappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a cEPSS 0.2%CVE-2026-6075HIGHMedia Library Assistant <= 3.35 - Cross-Site Request Forgery via Bulk Action FormEPSS 0.2%CVE-2024-33678MEDIUMWordPress ClickCease Click Fraud Protection plugin <= 3.2.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-31612MEDIUMEmlog pro2.3 is vulnerable to Cross Site Request Forgery (CSRF) via twitter.php which can be used with a XSS vulnerability to access adminisEPSS 0.2%CVE-2024-31433MEDIUMWordPress The Events Calendar plugin <= 6.3.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-46721MEDIUMnosurf vulnerable to CSRF due to non-functional same-origin request checksEPSS 0.2%CVE-2025-1764HIGHLoginPress <= 3.3.1 - Cross-Site Request Forgery to Arbitrary Options UpdateEPSS 0.2%CVE-2026-25221LOWPolarLearn has Multiple Login CSRFs via Missing OAuth state Parameter (GitHub & Google)EPSS 0.2%CVE-2024-33689MEDIUMWordPress Radio Station plugin <= 2.5.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-35560MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/ca_deal.php?mudi=del&dataType=&dataTypeCEPSS 0.2%