Falhas do tipo CWE-352

5.729 resultados
CVE-2026-6292MEDIUMMP Customize Login Page <= 1.0 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2025-30912MEDIUMWordPress Float menu plugin <= 6.1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.2%CVE-2025-58250HIGHWordPress Findgo Theme <= 1.3.55 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-8479MEDIUMZoho Flow <= 2.14.1 - Cross-Site Request ForgeryEPSS 0.2%CVE-2024-37421MEDIUMWordPress JobScout theme <= 1.1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2018-25155MEDIUMTeradek Slice 7.3.15 Cross-Site Request Forgery via Password ChangeEPSS 0.2%CVE-2024-11142HIGHCSRF in Gosoft Software's Proticaret E-CommerceEPSS 0.2%CVE-2026-11134MEDIUMInappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafEPSS 0.2%CVE-2025-60912LOWphpIPAM v1.7.3 contains a Cross-Site Request Forgery (CSRF) vulnerability in the database export functionality. The generate-mysql.php functEPSS 0.2%CVE-2021-47722MEDIUMZucchetti Axess CLOKI Access Control 1.64 Cross-Site Request ForgeryEPSS 0.2%CVE-2024-12526MEDIUMArena.IM – Live Blogging for real-time events <= 0.4.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2024-22287HIGHWordPress Better Anchor Links Plugin <= 1.7.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2026-11083MEDIUMInappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin dataEPSS 0.2%CVE-2024-37243MEDIUMWordPress Vandana Lite theme <= 1.1.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-45372MEDIUMMZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in EPSS 0.2%CVE-2024-31251MEDIUMWordPress Community by PeepSo plugin <= 6.3.1.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-11129MEDIUMInappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via aEPSS 0.2%CVE-2025-60111HIGHWordPress Javo Core Plugin <= 3.0.0.266 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2026-11200MEDIUMInappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a craEPSS 0.2%CVE-2024-34807MEDIUMWordPress Fast Custom Social Share by CodeBard plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%