Falhas do tipo CWE-352

5.742 resultados
CVE-2026-35220MEDIUMJoomla! Core - [20260505] - CSRF in user activation endpointEPSS 0.1%CVE-2026-25322MEDIUMWordPress PublishPress Revisions plugin <= 3.7.22 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-53736MEDIUMEasy Twitter Feeds before 1.2.13 Cross-Site Request Forgery via duplicate_post ActionEPSS 0.1%CVE-2025-10684MEDIUMConstruction Light < 1.6.8 - Subscriber+ Arbitrary Plugin ActivationEPSS 0.1%CVE-2026-32328MEDIUMWordPress Lemmony theme < 1.7.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-53739MEDIUMYoast Duplicate Post through 4.6 Cross-Site Request Forgery via duplicate_post_dismiss_noticeEPSS 0.1%CVE-2026-1051MEDIUMNewsletter – Send awesome emails from WordPress <= 9.1.0 - Cross-Site Request Forgery to Newsletter UnsubscriptionEPSS 0.1%CVE-2026-25337MEDIUMWordPress Coachify theme <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-40703MEDIUMBIG-IP Configuration utility CSRF vulnerabilityEPSS 0.1%CVE-2026-32420MEDIUMWordPress GamiPress plugin <= 7.6.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-7841MEDIUMSertifier Certificate & Badge Maker for WordPress – Tutor LMS <= 1.19 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2024-9592MEDIUMEasy PayPal Gift Certificate <= 1.2.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting via wpppgc_plugin_optionsEPSS 0.1%CVE-2025-62986HIGHWordPress FanBridge signup plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-8340LOWConcrete CMS 9.5.0 and below is vulnerable to CSRF via Backend\File::approveVersionEPSS 0.1%CVE-2026-9721MEDIUMBook a Room Event Calendar <= 1.9 - Cross-Site Request Forgery to Settings UpdateEPSS 0.1%CVE-2026-34721MEDIUMZammad has Cross-site request forgery (CSRF) in OAuth callback endpointsEPSS 0.1%CVE-2026-58315MEDIUMCross-site request forgery vulnerability exists in SEIKO EPSON Web Config. If a user views a malicious page while logged into Web Config, unEPSS 0.1%CVE-2026-12002MEDIUMSmash Balloon Social Photo Feed – Easy Social Feeds Plugin <= 6.11.1 - Cross-Site Request Forgery to oEmbed Access Token Overwrite via 'sbi_access_token' ParameterEPSS 0.1%CVE-2026-27518MEDIUMBinardat 10G08-0800GSM Network Switch CSRFEPSS 0.1%CVE-2025-14904MEDIUMNewsletter Email Subscribe <= 2.4 - Cross-Site Request Forgery to Plugin Settings UpdateEPSS 0.1%