Falhas do tipo CWE-352
5.740 resultadosCVE-2025-14394MEDIUMPopover Windows <= 1.2 - Cross-Site Request Forgery to Arbitrary Popover Configuration UpdateEPSS 0.1%CVE-2025-12578MEDIUMReuters Direct <= 3.0.0 - Cross-Site Request Forgery to Settings ResetEPSS 0.1%CVE-2026-41425MEDIUMAuthlib: Cross-site request forging when using cacheEPSS 0.1%CVE-2025-12407MEDIUMEvents Manager – Calendar, Bookings, Tickets, and more! <= 7.2.2.2 - Cross-Site Request Forgery to Location DeletionEPSS 0.1%CVE-2025-12358MEDIUMShopEngine <= 4.8.5 - Cross-Site Request Forgery to Wishlist ManipulationEPSS 0.1%CVE-2025-68529MEDIUMWordPress WP Email Capture plugin <= 3.12.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-58217HIGHWordPress Instant Breaking News Plugin <= 1.0 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2026-5365MEDIUMLatePoint <= 5.3.2 - Cross-Site Request Forgery via 'customer_cabinet__request_cancellation' AJAX RouteEPSS 0.1%CVE-2025-58991HIGHWordPress WooCommerce Booking Bundle Hours Plugin <= 0.7.4 - Cross Site Request Forgery (CSRF) VulnerabilityEPSS 0.1%CVE-2025-64271MEDIUMWordPress WP Plugin Manager plugin <= 1.4.7 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-57690MEDIUMWordPress Werkstatt theme <= 4.7.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-66061MEDIUMWordPress Seriously Simple Podcasting plugin <= 3.13.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-10684MEDIUMConstruction Light < 1.6.8 - Subscriber+ Arbitrary Plugin ActivationEPSS 0.1%CVE-2026-32328MEDIUMWordPress Lemmony theme < 1.7.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-14399MEDIUMDownload Plugins and Themes from Dashboard <= 1.9.6 - Cross-Site Request Forgery to Bulk Plugin/Theme ArchivalEPSS 0.1%CVE-2026-35220MEDIUMJoomla! Core - [20260505] - CSRF in user activation endpointEPSS 0.1%CVE-2026-25422MEDIUMWordPress Popularis Extra plugin <= 1.2.10 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-53736MEDIUMEasy Twitter Feeds before 1.2.13 Cross-Site Request Forgery via duplicate_post ActionEPSS 0.1%CVE-2026-25337MEDIUMWordPress Coachify theme <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-3903MEDIUMModular Connector <= 2.5.1 - Cross-Site Request Forgery via postConfirmOauthEPSS 0.1%