Falhas do tipo CWE-352

5.733 resultados
CVE-2026-5624MEDIUMProjectSend upload.php cross-site request forgeryEPSS 0.2%CVE-2025-55043MEDIUMMuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality (csettings.cfc createBundle method) that allows uEPSS 0.2%CVE-2016-20051MEDIUMSnews CMS 1.7 Cross-Site Request Forgery via changeupEPSS 0.2%CVE-2026-1447MEDIUMMail Mint <= 1.19.2 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2018-25397MEDIUMPHP-SHOP 1.0 Cross-Site Request Forgery via users.phpEPSS 0.2%CVE-2025-25772MEDIUMA Cross-Site Request Forgery (CSRF) in the component /back/UserController.java of Jspxcms v9.0 to v9.5 allows attackers to arbitrarily add AEPSS 0.2%CVE-2025-3131MEDIUMECA: Event - Condition - Action - Critical - Cross site request forgery - SA-CONTRIB-2025-031EPSS 0.2%CVE-2023-38739MEDIUMIBM Sterling B2B Integrator cross-site request forgeryEPSS 0.2%CVE-2026-13537MEDIUMCodeAstro Human Resource Management System cross-site request forgeryEPSS 0.2%CVE-2026-27841HIGHSenseLive X3050 Cross-Site request forgeryEPSS 0.2%CVE-2025-24875MEDIUMSameSite Defense in Depth not applied for some cookies in SAP CommerceEPSS 0.2%CVE-2020-37007MEDIUMLiman 0.7 - Cross-Site Request Forgery (Change Password)EPSS 0.2%CVE-2023-50900MEDIUMWordPress Master Slider plugin <= 3.9.10 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-51630HIGHWordPress Responsive Flickr Gallery plugin <= 1.3.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-9661MEDIUMWP All Import Pro <= 4.9.7 - Cross-Site Request Forgery to Imported Content DeletionEPSS 0.2%CVE-2024-7501MEDIUMDownload Plugins and Themes from Dashboard <= 1.8.7 - Cross-Site Request ForgeryEPSS 0.2%CVE-2026-11214MEDIUMInappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-originEPSS 0.2%CVE-2024-54205HIGHWordPress Paloma Widget plugin <= 1.14 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-3153MEDIUMConcrete CMS version 9 below 9.4.0RC2 and versions below 8.5.20 - CSRF and XSS in Concrete CMS Custom Address attributeEPSS 0.2%CVE-2026-6777MEDIUMOther issue in the Networking: DNS componentEPSS 0.2%