Falhas do tipo CWE-352
5.733 resultadosCVE-2026-6777MEDIUMOther issue in the Networking: DNS componentEPSS 0.2%CVE-2025-26902MEDIUMWordPress Brizy Pro plugin <= 2.6.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-53277HIGHWordPress IS-theme-companion plugin <= 1.59 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-4401MEDIUMDownload Monitor <= 5.1.10 - Cross-Site Request Forgery to Download Path Deletion and DisablingEPSS 0.2%CVE-2024-54205HIGHWordPress Paloma Widget plugin <= 1.14 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-13871LOWThe feature to manage resources is prone to Cross-Site Request Forgery attacksEPSS 0.2%CVE-2025-3153MEDIUMConcrete CMS version 9 below 9.4.0RC2 and versions below 8.5.20 - CSRF and XSS in Concrete CMS Custom Address attributeEPSS 0.2%CVE-2026-11214MEDIUMInappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-originEPSS 0.2%CVE-2024-51630HIGHWordPress Responsive Flickr Gallery plugin <= 1.3.1 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2024-9661MEDIUMWP All Import Pro <= 4.9.7 - Cross-Site Request Forgery to Imported Content DeletionEPSS 0.2%CVE-2025-49511HIGHWordPress Civi Framework plugin <= 2.1.6 - Cross Site Request Forgery (CSRF) to User Deactivation vulnerabilityEPSS 0.2%CVE-2026-1208MEDIUMFriendly Functions for Welcart <= 1.2.5 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2025-28986HIGHWordPress Epicwin Plugin plugin <= 1.5 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2025-48255MEDIUMWordPress Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP plugin <= 6.2.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-26925MEDIUMWordPress Admin Menu Manager plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-46241HIGHWordPress Appointment Booking Calendar plugin <= 1.3.92 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2024-38724HIGHWordPress Contact Form 7 Summary and Print plugin <= 1.2.5 - Cross Site Request Forgery (CSRF) to XSS vulnerabilityEPSS 0.2%CVE-2025-14795MEDIUMStop Spammers Classic <= 2026.1 - Cross-Site Request Forgery via Email AllowlistEPSS 0.2%CVE-2025-47633MEDIUMWordPress Awin – Advertiser Tracking for WooCommerce plugin <= 2.0.0 - CSRF to Product Feed Regeneration vulnerabilityEPSS 0.2%CVE-2025-67639LOWA cross-site request forgery (CSRF) vulnerability in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers to trick users intoEPSS 0.2%