Falhas do tipo CWE-352

5.733 resultados
CVE-2025-23806HIGHWordPress Ultimate Subscribe Plugin <=1.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-48038MEDIUMWordPress wp-Monalisa plugin <= 6.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-13647MEDIUMSchool Management System – SakolaWP <= 1.0.8 - Cross-Site Request Forgery to Exam Setting ManipulationEPSS 0.2%CVE-2026-4141MEDIUMQuran Translations <= 1.7 - Cross-Site Request Forgery to Playlist Settings FormEPSS 0.2%CVE-2025-46241HIGHWordPress Appointment Booking Calendar plugin <= 1.3.92 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2024-56222MEDIUMWordPress CodeBard Help Desk plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-14630MEDIUMAdminQuickbar <= 1.9.3 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2026-46787HIGHVulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that EPSS 0.2%CVE-2025-47624MEDIUMWordPress DoFollow Case by Case plugin <= 3.5.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-46458HIGHWordPress occupancyplan plugin <= 1.0.3.0 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2025-67639LOWA cross-site request forgery (CSRF) vulnerability in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers to trick users intoEPSS 0.2%CVE-2025-48255MEDIUMWordPress Broadcast Live Video – Live Streaming : WebRTC, HLS, RTSP, RTMP plugin <= 6.2.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2026-1215MEDIUMMMA Call Tracking <= 2.3.15 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.2%CVE-2025-23803HIGHWordPress Snippy Plugin <= 1.4.1 - CSRF to Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2024-38724HIGHWordPress Contact Form 7 Summary and Print plugin <= 1.2.5 - Cross Site Request Forgery (CSRF) to XSS vulnerabilityEPSS 0.2%CVE-2025-28986HIGHWordPress Epicwin Plugin plugin <= 1.5 - CSRF to SQL Injection vulnerabilityEPSS 0.2%CVE-2025-47633MEDIUMWordPress Awin – Advertiser Tracking for WooCommerce plugin <= 2.0.0 - CSRF to Product Feed Regeneration vulnerabilityEPSS 0.2%CVE-2025-49291MEDIUMWordPress Calculated Fields Form plugin <= 5.3.58 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2025-26925MEDIUMWordPress Admin Menu Manager plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-1644MEDIUMWP Frontend Profile <= 1.3.8 - Cross-Site Request Forgery to Unauthorized User Account Approval or RejectionEPSS 0.2%