Fallos del tipo CWE-352

5687 resultados
CVE-2024-1879HIGHCSRF to RCE in significant-gravitas/autogptEPSS 0.5%CVE-2022-0681Simple Membership < 4.1.0 - Arbitrary Transaction Deletion via CSRFEPSS 0.5%CVE-2021-24843SupportCandy < 2.2.7 - Arbitrary Ticket Deletion via CSRFEPSS 0.5%CVE-2022-0445WordPress Real Cookie Banner < 2.14.2 - Settings Reset via CSRFEPSS 0.5%CVE-2024-6316HIGHGenerate PDF using Contact Form 7 <= 4.1.2 - Cross-Site Request Forgery to Arbitrary File UploadEPSS 0.5%CVE-2020-7336MEDIUMNetwork Security Management (NSM) - Cross Site Request Forgery vulnerabilityEPSS 0.5%CVE-2021-25098Easy Pricing Tables < 3.1.3 - Arbitrary Post Removal via CSRFEPSS 0.5%CVE-2021-41275CRITICALAuthentication Bypass by CSRF WeaknessEPSS 0.5%CVE-2020-29030HIGHInsufficient CSRF guardsEPSS 0.5%CVE-2021-24636Print My Blog < 3.4.2 - Plugin Deactivation via CSRFEPSS 0.5%CVE-2021-24641Images to WebP < 1.9 - Multiple Cross Site Request Forgery (CSRF)EPSS 0.5%CVE-2021-39209HIGHBypassable CSRF protectionEPSS 0.5%CVE-2022-2443HIGHFreeMind WP Browser <= 1.2 - Cross-Site Request Forgery to Cross-Site ScriptingEPSS 0.5%CVE-2016-9456Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The Revive Adserver team conducted a security audit of the admiEPSS 0.5%CVE-2022-1791One Click Plugin Updater <= 2.4.14 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2022-1779Auto Delete Posts <= 1.3.0 - Arbitrary Settings Update via CSRFEPSS 0.5%CVE-2024-13720HIGHWP Image Uploader <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File DeletionEPSS 0.5%CVE-2023-24437HIGHA cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers tEPSS 0.5%CVE-2023-24447HIGHA cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attaEPSS 0.5%CVE-2022-2541HIGHuContext for Amazon <= 3.9.1 - Cross-Site Request Forgery to Cross-Site ScriptingEPSS 0.5%