Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-54408 MEDIUM

Jake H. YouTube Video Grid <1.9 - CSRF

CVE-2024-54407 HIGH

CK & SyntaxHighlighter <3.4.2 - CSRF/XSS

CVE-2024-54405 HIGH

ECT Social Share <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-54404 HIGH

MDC Comment Toolbar <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-54401 HIGH

Turcu Ciprian Advanced Fancybox -n/a-1.1.1 - XSS

CVE-2024-54400 HIGH

AppMaps <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-54399 HIGH

CRUDLab Google Plus Button <1.0.2 - CSRF

CVE-2024-54398 HIGH

Project Caruso Flaming Forms <1.0.1 - CSRF

CVE-2024-54397 HIGH

Go Animate - Cross-Site Request Forgery

CVE-2024-54396 MEDIUM

Bet sport Free <= 1.0.0 - Cross-Site Request Forgery

CVE-2024-54394 HIGH

Mandrill WP <= 1.0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-54393 HIGH

Sheikh Heera WP Fiddle <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-54392 HIGH

Midoks WP <= 5.3.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-54391 HIGH

WordPress Filter <= 1.4.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-54389 HIGH

Eduardo Chiaro addWeather <2.5.1 - CSRF

CVE-2024-54388 HIGH

Phuc Pham Multiple Admin Emails - CSRF

CVE-2024-54386 HIGH

Push Monkey Pro - Web Push Notifications & WooCommerce Abandoned Ca...

CVE-2024-54372 CRITICAL

Sourov Amin Insertify <1.1.4 - CSRF

CVE-2024-54368 CRITICAL

Ruben Garza, Jr. GitSync <1.1.0 - CSRF

CVE-2024-54356 MEDIUM

vCita.com Online Booking & Scheduling Calendar for WordPress <4.5 -...

CVE-2024-54355 MEDIUM

brandtoss WP Mailster <1.8.17.0 - CSRF

CVE-2024-54353 HIGH

WPGear Hack-Info <= 3.17 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-54352 HIGH

Sogrid <1.5.2 - CSRF/Privilege Escalation

CVE-2024-54332 HIGH

WPFactory WP Currency Exchange Rates -<1.2.0 - XSS

CVE-2024-54331 HIGH

I Plant A Tree <= 1.7.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Previous Page 100 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy