Falhas do tipo CWE-352

5.743 resultados
CVE-2025-2863MEDIUMCross-site request forgery (CSRF) vulnerability in saTECH BCUEPSS 0.1%CVE-2025-59137HIGHWordPress Behance Portfolio Manager plugin <= 1.7.5 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-49345HIGHWordPress WP-EasyArchives plugin <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-49346HIGHWordPress Simple Archive Generator plugin <= 5.2 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-49343HIGHWordPress Social Profilr plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-57758HIGHWordPress Permalink Manager for WooCommerce plugin <= 1.0.8.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%CVE-2025-59131HIGHWordPress WP-CalDav2ICS plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2026-27632LOWTalishar Vulnerable to Cross-Site Request Forgery (CSRF)EPSS 0.1%CVE-2025-68604MEDIUMWordPress WPGraphQL plugin <= 2.5.3 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-62346MEDIUMHCL Glovius Cloud is susceptible to a Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.1%CVE-2025-31054HIGHWordPress Bloggie theme <= 2.0.8 - Cross Site Scripting (XSS) VulnerabilityEPSS 0.1%CVE-2026-13243MEDIUMSalesforce Suite - Moderately critical - Cross-site request forgery - SA-CONTRIB-2026-063EPSS 0.1%CVE-2025-49028HIGHWordPress Zoho ZeptoMail plugin <= 3.3.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerabilityEPSS 0.1%CVE-2026-58518MEDIUMCross-Site request forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - RedirectManager Extension allows Cross Site Request EPSS 0.1%CVE-2025-66629LOWHedgeDoc is missing state parameter in OAuth2 flows could lead to CSRFEPSS 0.1%CVE-2025-51733MEDIUMCross-Site Request Forgery (CSRF) vulnerability in HCL Technologies Ltd. Unica 12.0.0.EPSS 0.1%CVE-2025-31963LOWHCL BigFix IVR is impacted by improper authentication and missing CSRF protectionEPSS 0.1%CVE-2026-29084MEDIUMGokapi: CSRF in Login EndpointEPSS 0.1%CVE-2026-52100HIGHCross Site Request Forgery vulnerability in andreimarcu linux-server v.1.0 through v.2.3.8 allows a remote attacker to execute arbitrary codEPSS CVE-2026-20296HIGHSPL Command Safeguards Bypass through Cross-Site Request Forgery (CSRF) in Deployment Server in Splunk EnterpriseEPSS