Falhas do tipo CWE-352

5.733 resultados
CVE-2025-49284MEDIUMWordPress WP Maintenance Mode & Site Under Construction plugin <= 4.3 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-30946MEDIUMWordPress Custom Bulk/Quick Edit plugin <= 1.6.10 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2020-37118MEDIUMP5 FNIP-8x16A FNIP-4xSH 1.0.20 - Cross-Site Request Forgery (Add Admin)EPSS 0.1%CVE-2025-47551MEDIUMWordPress Wiki Embed plugin <= 1.4.6 - Cross Site Request Forgery (CSRF) to Settings Change vulnerabilityEPSS 0.1%CVE-2024-23734MEDIUMCross Site Request Forgery vulnerability in in the upload functionality of the User Profile pages in savignano S/Notify before 2.0.1 for BitEPSS 0.1%CVE-2025-15550MEDIUMbirkir prime <= 0.4.0.beta.0 - Cross-Site Request Forgery in GraphQLEPSS 0.1%CVE-2026-1392MEDIUMSR WP Minify HTML <= 2.1 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2025-46436MEDIUMWordPress SCSS-Library plugin <= 0.4.1 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-47542MEDIUMWordPress Simple calendar for Elementor plugin <= 1.6.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2024-13261LOWAcquia DAM - Moderately critical - Cross Site Request Forgery, Denial of Service - SA-CONTRIB-2024-025EPSS 0.1%CVE-2025-47597MEDIUMWordPress WP Podcasts Manager plugin <= 1.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-47647MEDIUMWordPress Sidebar Manager Light plugin <= 1.18 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-47594MEDIUMWordPress Soccer Live Scores <= 1.0.5 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-4966MEDIUMWP Online Users Stats <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via hk_dataset_results FunctionEPSS 0.1%CVE-2025-49317MEDIUMWordPress WP Page Loading plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-30629MEDIUMWordPress Bitly URL Shortener plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-65962MEDIUMTuleap has missing CSRF protections its in tracker field dependenciesEPSS 0.1%CVE-2025-47446MEDIUMWordPress Listamester plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-47606MEDIUMWordPress Simple Giveaways plugin <= 2.49.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-47470MEDIUMWordPress GPT3 AI Content Writer plugin <= 1.9.14 - Cross Site Request Forgery (CSRF) to Prompt Generation vulnerabilityEPSS 0.1%