Falhas do tipo CWE-352
5.711 resultadosCVE-2023-27520MEDIUMCross-site request forgery (CSRF) vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthenticated attackeEPSS 0.3%CVE-2024-42557HIGHA Cross-Site Request Forgery (CSRF) in the component admin_modify_room.php of Hotel Management System commit 91caab8 allows attackers to escEPSS 0.3%CVE-2023-1028MEDIUMWP Meta SEO <= 4.5.3 - Cross-Site Request Forgery via 'setIgnore'EPSS 0.3%CVE-2023-3198MEDIUMMStore API <= 3.9.6 - Cross-Site Request Forgery to Order Status UpdateEPSS 0.3%CVE-2018-17451HIGHAn issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is CEPSS 0.3%CVE-2023-3075HIGHCross-Site Request Forgery (CSRF) in tsolucio/corebosEPSS 0.3%CVE-2024-9847HIGHCross-Site Request Forgery (CSRF) in flatpressblog/flatpressEPSS 0.3%CVE-2023-35041HIGHWordPress Webpushr Plugin <= 4.34.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2021-33396MEDIUMCross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitEPSS 0.3%CVE-2023-3203MEDIUMMStore API <= 3.9.6 - Cross-Site Request Forgery to Product Limit UpdateEPSS 0.3%CVE-2024-28675HIGHDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /dede/diy_edit.phpEPSS 0.3%CVE-2023-3201MEDIUMMStore API <= 3.9.6 - Cross-Site Request Forgery to Order Title UpdateEPSS 0.3%CVE-2023-3200MEDIUMMStore API <= 3.9.6 - Cross-Site Request Forgery to Order Message UpdateEPSS 0.3%CVE-2022-46062MEDIUMGym Management System v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).EPSS 0.3%CVE-2024-27689HIGHStupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via /update-article.php.EPSS 0.3%CVE-2023-32602MEDIUMWordPress CALL ME NOW Plugin <= 3.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2025-27298HIGHWordPress WP Video Posts plugin <= 3.5.1 - CSRF to Remote Code Execution (RCE) vulnerabilityEPSS 0.3%CVE-2023-32594MEDIUMWordPress Hyphenator Plugin <= 5.1.5 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2021-47976HIGHTextPattern CMS 4.9.0-dev Authenticated Remote Code Execution via Plugin UploadEPSS 0.3%CVE-2024-40488HIGHA Cross-Site Request Forgery (CSRF) vulnerability was found in the Kashipara Live Membership System v1.0. This could lead to an attacker triEPSS 0.3%