Falhas do tipo CWE-352

5.733 resultados
CVE-2026-0818MEDIUMCSS-based exfiltration of the content from partially encrypted emails when allowing remote contentEPSS 0.2%CVE-2026-9582MEDIUMSourceCodester CET Automated Grading System with AI Predictive Analytics cross-site request forgeryEPSS 0.2%CVE-2025-58255CRITICALWordPress Custom Post Type Images Plugin <= 0.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.2%CVE-2019-25252MEDIUMTeradek VidiU Pro 3.0.3 Cross-Site Request Forgery via Password ChangeEPSS 0.2%CVE-2025-64166MEDIUMMercurius: Incorrect Content-Type parsing can lead to CSRF attackEPSS 0.2%CVE-2026-40864MEDIUMJupyterHub: Cross-origin form POSTs bypass XSRFEPSS 0.2%CVE-2025-28884MEDIUMWordPress WP Bulk Post Duplicator plugin <= 1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-6452MEDIUMBigfishgames Syndicate <= 1.2 - Cross-Site Request Forgery to Settings Reset and UpdateEPSS 0.2%CVE-2025-28909MEDIUMWordPress WP No-Bot Question plugin <= 0.1.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-28927MEDIUMWordPress Display Template Name plugin <= 1.7.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2025-27315MEDIUMWordPress All-In-One Cufon Plugin <= 1.3.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-48341LOWdingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=addShopEPSS 0.2%CVE-2026-5918MEDIUMInappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the rendereEPSS 0.2%CVE-2026-1076MEDIUMStar Review Manager <= 1.2.2 - Cross-Site Request Forgery to Settings UpdateEPSS 0.2%CVE-2025-23640HIGHWordPress Rename Author Slug plugin <= 1.2.0 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-23617HIGHWordPress Floatbox Plus plugin <= 1.4.4 - CSRF to Stored XSS vulnerabilityEPSS 0.2%CVE-2025-27318MEDIUMWordPress Simple Google Sitemap Plugin <= 1.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2024-9434MEDIUMWPGlobus Translate Options <= 2.2.0 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.2%CVE-2024-5185HIGHData Poisoning in EmbedAIEPSS 0.2%CVE-2025-30854MEDIUMWordPress Serial Codes Generator and Validator with WooCommerce Support plugin <= 2.7.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%