Falhas do tipo CWE-352

5.711 resultados
CVE-2023-29815HIGHmccms v2.6.3 is vulnerable to Cross Site Request Forgery (CSRF).EPSS 0.3%CVE-2022-44739MEDIUMWordPress Quick Restaurant Reservations Plugin <= 1.5.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-40334HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/serverFile_deal.php?mudi=upFileDel&dataIEPSS 0.3%CVE-2024-35559HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=rev&nohrefStr=cloEPSS 0.3%CVE-2024-40329HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/softBak_deal.php?mudi=backupEPSS 0.3%CVE-2023-2301MEDIUMContact Form Builder by vcita <= 4.10.3 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.3%CVE-2024-40034HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userLevel_deal.php?mudi=delEPSS 0.3%CVE-2023-30616MEDIUMCross Site Request Forgery due to missing nonce verification in form blockEPSS 0.3%CVE-2023-47556MEDIUMWordPress Device Theme Switcher Plugin <= 3.0.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-12645MEDIUMChunghwa Telecom topm-client - Arbitrary File ReadEPSS 0.3%CVE-2022-30694MEDIUMThe login endpoint /FormLogin in affected web services does not apply proper origin checking. This could allow authenticated remote attacEPSS 0.3%CVE-2023-47667MEDIUMWordPress WP Full Stripe Free plugin <= 7.0.16 - Cross Site Request Forgery (CSRF) vulnerability on every Setting SaveEPSS 0.3%CVE-2023-49155MEDIUMWordPress Button Generator – easily Button Builder Plugin <= 2.3.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-27441MEDIUMWordPress New Adman Plugin <= 1.6.8 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2022-35656MEDIUMPega Platform from 8.3 to 8.7.3 vulnerability may allow authenticated security administrators to alter CSRF settings directly.EPSS 0.3%CVE-2023-47672MEDIUMWordPress WP Category Post List Widget Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-49763MEDIUMWordPress CSprite Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-27442MEDIUMWordPress Leyka Plugin <= 3.29.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-47670MEDIUMWordPress Korea SNS Plugin <= 1.6.3 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2023-47531MEDIUMWordPress Droit Dark Mode Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%