Falhas do tipo CWE-352

5.724 resultados
CVE-2024-54353HIGHWordPress Hack-Info plugin <= 3.17 - CSRF to Stored Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-29093MEDIUMWordPress Builder for WooCommerce reviews shortcodes – ReviewShort plugin <= 1.01.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-54386HIGHWordPress Push Monkey Pro plugin <= 3.9 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54414HIGHWordPress Geoportail Shortcode plugin <= 2.4.4 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2024-54434HIGHWordPress phZoom plugin <= 1.2.92 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54426HIGHWordPress LeaderBoard Plugin plugin <= 1.2.4 - CSRF to Stored Cross-Site Scripting vulnerabilityEPSS 0.2%CVE-2024-54440HIGHWordPress WP-Ban-User plugin <= 1.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-54405HIGHWordPress ECT Social Share plugin <= 1.3 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-6959HIGHDenial of Service (DOS) in multipart boundary while uploading file in parisneo/lollms-webuiEPSS 0.2%CVE-2024-31303MEDIUMWordPress Sign-up Sheets plugin <= 2.2.11.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-54435HIGHWordPress Onlywire Multi Autosubmitter plugin <= 1.2.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-4543MEDIUMSnippet Shortcodes <= 4.1.4 - Cross-Site Request ForgeryEPSS 0.2%CVE-2026-13952MEDIUMInappropriate implementation in PerformanceAPIs in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data EPSS 0.2%CVE-2024-33691MEDIUMWordPress Popup Builder by OptinMonster plugin <= 2.15.3 - Cross Site Request Forgery (CSRF) Notice Dismissal vulnerabilityEPSS 0.2%CVE-2024-33683MEDIUMWordPress Hide Dashboard Notifications plugin <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-34613MEDIUMAVideo: CSRF on Plugin Enable/Disable Endpoint Allows Disabling Security PluginsEPSS 0.2%CVE-2025-61930HIGHEmlog Pro has CSRF issue that Enables Admin Password ResetEPSS 0.2%CVE-2024-42603MEDIUMPligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=clearallEPSS 0.2%CVE-2024-42606MEDIUMPligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_log.php?clear=1EPSS 0.2%CVE-2026-13946MEDIUMInappropriate implementation in ScriptInjections in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origEPSS 0.2%