Falhas do tipo CWE-352

5.695 resultados
CVE-2020-36747MEDIUMLightweight Sidebar Manager <= 1.1.4 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2020-36746MEDIUMMenu Swapper <= 1.1.0.2 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2022-29441MEDIUMWordPress Private Messages For WordPress plugin <= 2.1.10 - Sending Messages via Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.4%CVE-2020-36749MEDIUMEasy Testimonials <= 3.6.1 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2020-36748MEDIUMDokan <= 3.0.8 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2024-47879HIGHOpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)EPSS 0.4%CVE-2019-5431This vulnerability was caused by an incomplete fix to CVE-2017-0911. Twitter Kit for iOS versions 3.0 to 3.4.0 is vulnerable to a callback vEPSS 0.4%CVE-2021-4386MEDIUMWP Security Question <= 1.0.5 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2024-3143MEDIUMDedeCMS member_rank.php cross-site request forgeryEPSS 0.4%CVE-2024-3151MEDIUMBdtask Multi-Store Inventory Management System Stock Movement Page cross-site request forgeryEPSS 0.4%CVE-2023-0674MEDIUMXXL-JOB New Password updatePwd cross-site request forgeryEPSS 0.4%CVE-2021-37234MEDIUMIncorrect Access Control vulnerability in Modern Honey Network commit 0abf0db9cd893c6d5c727d036e1f817c02de4c7b allows remote attackers to viEPSS 0.4%CVE-2023-0406MEDIUMCross-Site Request Forgery (CSRF) in modoboa/modoboaEPSS 0.4%CVE-2022-2987HIGHLdap WP Login / Active Directory Integration < 3.0.2 - Unauthenticated Settings Update to Auth BypassEPSS 0.4%CVE-2021-3976MEDIUMCross-Site Request Forgery (CSRF) in kevinpapst/kimai2EPSS 0.4%CVE-2024-22424HIGHCross-Site Request Forgery (CSRF) in github.com/argoproj/argo-cdEPSS 0.4%CVE-2023-29020MEDIUMCross site request forgery token fixation in fastify-passportEPSS 0.4%CVE-2020-36735MEDIUMWP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.6.3 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2019-25064MEDIUMCoreHR Core Portal cross-site request forgeryEPSS 0.4%CVE-2021-32929MEDIUMUffizio GPS Tracker Cross-site Request ForgeryEPSS 0.4%