Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-49627 MEDIUM

Noor Alam WordPress Image SEO <1.1.4 - CSRF

CVE-2024-49306 MEDIUM

WP Content Copy Protection & No Right Click <= 3.5.9 - Cross-Site Request Forgery

CVE-2024-49290 MEDIUM

Cooked Pro < 1.8.0 - Cross-Site Request Forgery

CVE-2024-49275 MEDIUM

IdeaPush <= 8.69 - Cross-Site Request Forgery

CVE-2024-49274 MEDIUM

Infomaniak VOD Infomaniak <= 1.5.7 - Cross-Site Request Forgery

CVE-2024-49272 MEDIUM

wpweb Social Auto Poster <= 5.3.15 - Cross-Site Request Forgery

CVE-2024-49250 MEDIUM

Table of Contents Plus <= 2408 - Cross-Site Request Forgery

CVE-2024-47634 MEDIUM

CartBounty - WooCommerce <8.2 - CSRF

CVE-2024-49629 HIGH

Fahad Mahmood Endless Posts Navigation <2.2.7 - CSRF

CVE-2024-49617 HIGH

Bhaskar Dhote Back Link Tracker - CSRF

CVE-2024-49615 HIGH

SafetyForms <= 1.0.0 - Cross-Site Request Forgery to Blind SQL Injection

CVE-2024-49605 HIGH

Avchat.Net AVChat Video Chat <2.2 - CSRF

CVE-2024-49335 HIGH

GoogleDrive folder list <= 2.2.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-49622 HIGH

Apa Apa Banner Slider <1.0.0 - CSRF/XSS

CVE-2024-49621 HIGH

Apa APA Register Newsletter Form <1.0.0 - CSRF/XSS

CVE-2024-10040 MEDIUM

Infinite-Scroll < 2.6.2 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-49313 HIGH

RudeStan VKontakte Wall Post <2.0 - CSRF

CVE-2024-49304 MEDIUM

Pinpoint Booking System <2.9.9.5.1 - CSRF

CVE-2024-49237 HIGH

ahmeti Ahmeti Wp Timeline <= 5.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-49223 HIGH

CJ Change Howdy <= 3.3.1 - Cross-Site Request Forgery

CVE-2024-49221 HIGH

cSlider <= 2.4.2 - Cross-Site Request Forgery

CVE-2024-49220 HIGH

Cookie Scanner <= 1.1 - Cross-Site Request Forgery

CVE-2024-48048 HIGH

Wsify Widget <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-48037 MEDIUM

A WP Life Contact Form Widget <1.4.2 - CSRF

CVE-2024-48031 MEDIUM

Featured Posts with Multiple Custom Groups (FPMCG) <= 4.0 - Cross-Site Request Forgery

Previous Page 109 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy