Falhas do tipo CWE-352

5.724 resultados
CVE-2025-8505MEDIUM495300897 wx-shop cross-site request forgeryEPSS 0.2%CVE-2025-6001HIGHVirtueMart - Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2023-41792MEDIUMLack of Authorization and Stored XSS Via SNMP Trap Editor PageEPSS 0.2%CVE-2024-21752HIGHWordPress Ajax Search Lite Plugin <= 4.11.4 is vulnerable to Cross Site Scripting (XSS)EPSS 0.2%CVE-2026-2317MEDIUMInappropriate implementation in Animation in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to leak cross-origin data via a EPSS 0.2%CVE-2025-28101MEDIUMAn arbitrary file deletion vulnerability in the /post/{postTitle} component of flaskBlog v2.6.1 allows attackers to delete article titles crEPSS 0.2%CVE-2024-39119MEDIUMidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/info_deal.php?mudi=rev&nohrefStr=close.EPSS 0.2%CVE-2024-9311MEDIUMCross-Site Request Forgery to XSS in haotian-liu/llavaEPSS 0.2%CVE-2025-8592HIGHInspiro <= 2.1.2 - Cross-Site Request Forgery to Arbitrary Plugin InstallationEPSS 0.2%CVE-2025-24711MEDIUMWordPress Popup Box Plugin <= 3.2.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-33688MEDIUMWordPress Teluro theme <= 1.0.31 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-40581HIGHChurchCRM: Cross-Site Request Forgery (CSRF) in SelectDelete.php Leading to Permanent Data DeletionEPSS 0.2%CVE-2025-24716MEDIUMWordPress Herd Effects Plugin <= 6.2.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2018-25363MEDIUMTwitter-Clone 1 Cross-Site Request Forgery via tweetdel.phpEPSS 0.2%CVE-2025-24713MEDIUMWordPress Button Generator – easily Button Builder Plugin <= 3.1.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37241MEDIUMWordPress WP Job Manager Resume Manager plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-24712MEDIUMWordPress Radius Blocks – WordPress Gutenberg Blocks Plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-40883MEDIUMCross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a malicious page while logging in to the affected prEPSS 0.2%CVE-2025-24714MEDIUMWordPress Bubble Menu Plugin <= 4.0.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-43117MEDIUMWordPress Hummingbird plugin <= 3.9.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%