Falhas do tipo CWE-352

5.743 resultados
CVE-2026-39710MEDIUMWordPress RT-Theme 18 | Extensions plugin <= 2.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62497LOWCross-site request forgery vulnerability exists in SNC-CX600W versions prior to Ver.2.8.0. If a user accesses a specially crafted webpage whEPSS 0.1%CVE-2025-49353HIGHWordPress Noindex by Path plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-49354HIGHWordPress Recent Posts From Each Category plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-40841MEDIUMEricsson Indoor Connect 8855 - Cross-Site Request Forgery VulnerabilityEPSS 0.1%CVE-2025-68885HIGHWordPress Custom Post Status plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-25024MEDIUMWordPress ThirstyAffiliates plugin <= 3.11.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-39633MEDIUMWordPress Grand Car Rental theme <= 3.6.9 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62117MEDIUMWordPress EasyIndex plugin <= 1.1.1704 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-66595MEDIUMA vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product is vulnerable to Cross-Site Request EPSS 0.1%CVE-2025-31957LOWHCL BigFix Service Management (SM) is affected by a Cross‑Site Request Forgery (CSRF) vulnerability.EPSS 0.1%CVE-2026-27050MEDIUMWordPress RealPress plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-24986MEDIUMWordPress Simple Membership WP user Import plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-27415MEDIUMWordPress BEAR plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-2324MEDIUMLatePoint – Calendar Booking Plugin for Appointments and Events <= 5.2.7 - Cross-Site Request Forgery in Booking Form Settings Update to Stored Cross-Site ScriptingEPSS 0.1%CVE-2025-62120MEDIUMWordPress OpenHook plugin <= 4.3.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62134MEDIUMWordPress Contact Form Widget plugin <= 1.5.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-49343HIGHWordPress Social Profilr plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-49346HIGHWordPress Simple Archive Generator plugin <= 5.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-49344HIGHWordPress SensitiveTagCloud plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%