Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-12349 MEDIUM

JFinalCMS 1.0 - Cross-Site Request Forgery in /admin/tag/save

CVE-2024-12115 MEDIUM

Poll Maker < 5.5.5 - Cross-Site Request Forgery via duplicate_poll() Function

CVE-2024-54205 HIGH

Paloma Widget <= 1.14 - Cross-Site Request Forgery

CVE-2024-53809 MEDIUM

Namaste! LMS <= 2.6.4.1 - Cross-Site Request Forgery

CVE-2024-12003 MEDIUM

WP System <= 1.1.1 - Cross-Site Request Forgery via generate_wp_system_page_content()

CVE-2024-11444 MEDIUM

CLUEVO LMS - Cross-Site Request Forgery

CVE-2024-11336 MEDIUM

Clickbank WordPress Plugin (Storefront) <= 1.7 - Cross-Site Request Forgery via cs_menu Page

CVE-2024-10480 MEDIUM

3DPrint Lite < 2.1 - Cross-Site Request Forgery in Settings Update

CVE-2024-53472 HIGH

WeGIA 3.2.0 - Cross-Site Request Forgery

CVE-2024-48846 HIGH

ABB ASPECT/MATRIX/NEXUS Firmware < 3.08.03 - Cross-Site Request Forgery

CVE-2024-11341 MEDIUM

Simple Redirection WordPress <=1.5 - CSRF

CVE-2024-39163 HIGH

pyspider <= 0.3.10 - Cross-Site Request Forgery via Flask Endpoints

CVE-2024-11813 MEDIUM

Pulsating Chat Button <1.3.6 - CSRF

CVE-2024-41776 MEDIUM

IBM Cognos Controller 11.0.0 and 11.0.1 - Cross-Site Request Forgery

CVE-2024-53793 HIGH

eDoc Easy Tables <= 1.29 - Cross-Site Request Forgery to Blind SQL Injection

CVE-2024-53789 HIGH

Advanced What should we write next about <1.0.3 - CSRF

CVE-2024-53782 HIGH

CMSaccount Photo Video Store <21.07 - XSS

CVE-2024-53781 HIGH

Home Junction SpatialMatch IDX <3.0.9 - CSRF

CVE-2024-53780 HIGH

Rajeev Chauhan Load More Posts <1.4.0 - CSRF

CVE-2024-53779 HIGH

Yahoo! WebPlayer <= 2.0.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-53777 HIGH

Alberto Reineri Simple Header and Footer <1.0.0 - CSRF

CVE-2024-53776 HIGH

Raphael Heide Donate Me <1.2.5 - CSRF

CVE-2024-53775 MEDIUM

TannerRitchie Web Applications/DancePress DancePress - CSRF

CVE-2024-53770 HIGH

RingCentral Communications <1.6.1 - CSRF

CVE-2024-53769 HIGH

Ludovic RIAUDEL Custom Post Type to Map Store - CSRF

Previous Page 102 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy