Falhas do tipo CWE-352

5.699 resultados
CVE-2024-11125MEDIUMGetSimpleCMS profile.php cross-site request forgeryEPSS 0.4%CVE-2021-4399MEDIUMEdwiser Bridge <= 2.0.6 - Cross-Site Request Forgery BypassEPSS 0.4%CVE-2025-9890HIGHTheme Editor <= 3.0 - Cross-Site Request Forgery to Remote Code ExecutionEPSS 0.4%CVE-2022-29413MEDIUMWordPress Hermit 音乐播放器 plugin <= 3.1.6 - Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2022-27860MEDIUMWordPress Footer Text plugin <= 2.0.3 - Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2021-36891MEDIUMWordPress Photo Gallery by Supsystic plugin <= 1.15.5 - Cross-Site Request Forgery (CSRF) leading to Plugin Settings ChangeEPSS 0.4%CVE-2024-7645MEDIUMSourceCodester Clinics Patient Management System User Page users.php cross-site request forgeryEPSS 0.4%CVE-2024-30965HIGHDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php.EPSS 0.4%CVE-2023-48293HIGHXWiki Admin Tools Application CSRF with QueryOnXWiki allows arbitrary database queriesEPSS 0.4%CVE-2017-20062MEDIUMElefant CMS cross-site request forgeryEPSS 0.4%CVE-2023-38885HIGHOpenSIS Classic Community Edition version 9.0 lacks cross-site request forgery (CSRF) protection throughout the whole app. This may allow anEPSS 0.4%CVE-2023-47677HIGHA cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality of Realtek rtl819x Jungle SDK v3.4.11. A sEPSS 0.4%CVE-2021-34358MEDIUMCSRF Vulnerability in QmailAgentEPSS 0.4%CVE-2023-48058HIGHDreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/task/runEPSS 0.4%CVE-2022-3119HIGHOAuth client Single Sign On for WordPress < 3.0.4 - Unauthenticated Settings Update to Authentication BypassEPSS 0.4%CVE-2023-22375HIGHCross-site request forgery (CSRF) vulnerability in Wired/Wireless LAN Pan/Tilt Network Camera CS-WMV02G all versions allows a remote unautheEPSS 0.4%CVE-2023-1722CRITICALYoga Class Registration System 1.0 - ATOEPSS 0.4%CVE-2025-31033CRITICALWordPress Buddypress Humanity plugin <= 1.2 - CSRF to Privilege Escalation vulnerabilityEPSS 0.4%CVE-2021-32991Delta Electronics DIAEnergie Version 1.7.5 and prior is vulnerable to cross-site request forgery, which may allow an attacker to cause a useEPSS 0.4%CVE-2023-2608LOWMultiple Page Generator Plugin <= 3.3.17 - Cross-Site Request Forgery to SQL InjectionEPSS 0.4%