Falhas do tipo CWE-352

5.740 resultados
CVE-2026-39170MEDIUMSemCms 5.0 is vulnerable to Cross Site Request Forgery (CSRF) via crafted POST request to /admin/semcms_user.php.EPSS 0.1%CVE-2026-61956HIGHWordPress ووسلام – همگام سازی ووکامرس و باسلام plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-32343MEDIUMWordPress Easy Table of Contents plugin <= 2.0.80 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-22360MEDIUMWordPress SearchAzon plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-25319MEDIUMWordPress Zita Elementor Site Library plugin <= 1.6.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-22462MEDIUMWordPress Add Polylang support for Customizer plugin <= 1.4.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-49433LOWDeepAI api.deepai.org/change_user_email CSRFEPSS 0.1%CVE-2025-58999MEDIUMWordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin <= 1.25 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-24966MEDIUMWordPress Copyscape Premium plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-25411MEDIUMWordPress Revision Manager TMC plugin <= 2.8.22 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-12578MEDIUMReuters Direct <= 3.0.0 - Cross-Site Request Forgery to Settings ResetEPSS 0.1%CVE-2026-41425MEDIUMAuthlib: Cross-site request forging when using cacheEPSS 0.1%CVE-2025-10055MEDIUMTime Sheets <= 2.1.3 - Cross-Site Request ForgeryEPSS 0.1%CVE-2025-14391MEDIUMSimple Theme Changer <= 1.0 - Cross-Site Request Forgery to Arbitrary Theme Switcher Configuration UpdateEPSS 0.1%CVE-2025-63030HIGHWordPress New User Approve plugin <= 3.2.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-68573MEDIUMWordPress Simple Keyword to Link plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-68529MEDIUMWordPress WP Email Capture plugin <= 3.12.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-53663LOWReact Router: `handleDocumentRequest` CSRF check covers `POST` only; PUT/PATCH/DELETE bypassEPSS 0.1%CVE-2025-68567MEDIUMWordPress My auctions allegro plugin <= 3.6.33 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-11759MEDIUMBackup, Restore and Migrate your sites with XCloner <= 4.8.2 - Cross-Site Request Forgery in Xcloner_Remote_Storage:save()EPSS 0.1%