Falhas do tipo CWE-352

5.728 resultados
CVE-2025-32271MEDIUMWordPress Woocommerce Role Pricing Plugin <= 3.5.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37235MEDIUMWordPress Groundhogg plugin <= 3.4.2.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-1463MEDIUMSpreadsheet Integration <= 3.8.2 - Cross-Site Request Forgery to Arbitrary Post PublishEPSS 0.2%CVE-2024-37448MEDIUMWordPress OnePress theme <= 2.3.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-28868MEDIUMWordPress ZipList Recipe plugin <= 3.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-23720HIGHWordPress Web Push plugin <= 1.4.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-28864MEDIUMWordPress Builder for Contact Form 7 by Webconstruct plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-28856MEDIUMWordPress W3Counter Free Real-Time Web Stats plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37458MEDIUMWordPress Highlight theme <= 1.0.29 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-37274MEDIUMWordPress WP Mobile Menu plugin <= 2.8.4.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-1530MEDIUMTripetto <= 8.0.9 - Cross-Site Request Forgery to Arbitrary Results DeletionEPSS 0.2%CVE-2024-12170MEDIUMViewMedica Embed <= 1.4.15 - Cross-Site Request Forgery to SQL InjectionEPSS 0.2%CVE-2025-27454MEDIUMCVE-2025-27454EPSS 0.2%CVE-2024-4426MEDIUMComparison Slider <= 1.0.5 - Cross-Site Request ForgeryEPSS 0.2%CVE-2023-52129MEDIUMWordPress teachPress Plugin <= 9.0.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2020-37046MEDIUMSistem Informasi Pengumuman Kelulusan Online 1.0 - Cross-Site Request ForgeryEPSS 0.2%CVE-2026-13422MEDIUMHD Quiz 2.2.0 - 2.2.1 - Cross-Site Request Forgery via Multiple AJAX HandlersEPSS 0.2%CVE-2026-8423MEDIUMJaviBola Custom Theme Test <= 2.0.5 - Cross-Site Request ForgeryEPSS 0.2%CVE-2025-2871MEDIUMWordPress Mega Menu – QuadMenu <= 3.2.0 - Cross-Site Request Forgery to Limited User Meta UpdateEPSS 0.2%CVE-2025-23081MEDIUMVarious security vulnerabilities in Extension:DataTransferEPSS 0.2%