Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-51636 HIGH

GMO Social Connection <= 1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-51635 HIGH

Garmur While Loading <= 3.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-51634 HIGH

Webriti Custom Login <= 0.3 - Cross-Site Request Forgery to Reflected Cross-Site Scripting

CVE-2024-51633 HIGH

Simple Page Specific Sidebars <= 2.14.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-51632 HIGH

SH Slideshow <= 4.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-51631 HIGH

Sticky Social Bar <= 2.0 - Cross-Site Request Forgery

CVE-2024-50534 HIGH

Syed Umair Hussain Shah World Prayer Time - CSRF

CVE-2024-50533 HIGH

Domain Sharding <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-43338 MEDIUM

Automattic, Inc. Crowdsignal Dashboard - CSRF

CVE-2024-52424 HIGH

wp-login-customizer <= 1.0 - Cross-Site Request Forgery leading to Stored Cross-Site Scripting

CVE-2024-48962 HIGH

Apache OFBiz < 18.12.17 - Cross-Site Request Forgery

CVE-2024-5030 LOW

CM Table Of Contents < 1.2.3 - Cross-Site Request Forgery via Settings Reset

CVE-2024-52415 HIGH

Skpstorm SK WP Settings Backup - CSRF

CVE-2024-6628 MEDIUM

EleForms <= 2.9.9.9 - Cross-Site Request Forgery via Form Submission Deletion

CVE-2024-11118 MEDIUM

404 Error Monitor <= 1.1 - Cross-Site Request Forgery via updatePluginSettings()

CVE-2024-51679 HIGH

GentleSource Appointmind <4.0.0 - CSRF

CVE-2024-51659 HIGH

GeekRMX Twitter @Anywhere Plus <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-51658 HIGH

WP Course Manager <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-51156 MEDIUM

07flycms V1.3.9 - Cross-Site Request Forgery via SysNotifyUser Delete Endpoint

CVE-2024-51687 HIGH

Platform.ly Official <= 1.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-51684 HIGH

W3P SEO < 1.8.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-51688 HIGH

FraudLabs Pro SMS Verification <1.10.1 - CSRF

CVE-2024-47914 MEDIUM

VaeMendis Ubooquity 2.1.2-2.1.4 - Cross-Site Request Forgery

CVE-2024-11143 MEDIUM

Kognetiks Chatbot for WordPress <= 2.1.8 - Cross-Site Request Forgery via Assistant Management Functions

CVE-2024-10593 MEDIUM

WPForms < 1.9.1.6 - Unauthenticated Cross-Site Request Forgery via Log Deletion

Previous Page 106 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy