Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-46085 HIGH

FrogCMS V0.9.5 - Cross-Site Request Forgery via File Manager Rename Endpoint

CVE-2024-8490 HIGH

PropertyHive <= 2.0.19 - Cross-Site Request Forgery via save_account_details Function

CVE-2024-8093 MEDIUM

Posts reminder WordPress plugin < 0.20 - Cross-Site Request Forgery in Settings Update

CVE-2024-8092 MEDIUM

Accordion Image Menu WP <3.1.3 - CSRF

CVE-2024-8091 MEDIUM

WordPress Enhanced Search Box <0.6.1 - CSRF

CVE-2024-8052 MEDIUM

Review Ratings < 1.6 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-8051 MEDIUM

Special Feed Items < 1.0.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-8047 MEDIUM

Visual Sound (old) WordPress <1.06 - CSRF

CVE-2024-8044 MEDIUM

infolinks Ad Wrap < 1.0.2 - Cross-Site Request Forgery in Settings Update

CVE-2024-8043 MEDIUM

Vikinghammer Tweet < 0.2.4 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-6862 HIGH

lunary < 1.4.10 - Cross-Site Request Forgery via Overly Permissive CORS Settings

CVE-2024-7423 HIGH

Stream < 4.0.1 - Cross-Site Request Forgery via Network Options Action

CVE-2024-7864 MEDIUM

Favicon Generator < 2.1 - Cross-Site Request Forgery and Arbitrary File Deletion via output_sub_admin_page_0()

CVE-2024-7863 MEDIUM

Favicon Generator < 2.1 - Authenticated Arbitrary File Upload and Cross-Site Request Forgery

CVE-2024-7862 MEDIUM

blogintroduction-wordpress-plugin <= 0.3.0 - Cross-Site Request Forgery in Settings Update

CVE-2024-7859 MEDIUM

Visual Sound < 1.03 - Cross-Site Request Forgery in Settings Update

CVE-2024-7820 MEDIUM

ILC Thickbox < 1.0 - Cross-Site Request Forgery in Settings Update

CVE-2024-7817 MEDIUM

Misiek Photo Album < 1.4.3 - Cross-Site Request Forgery via Album Deletion

CVE-2024-7816 MEDIUM

Gixaw Chat < 1.0 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-6017 MEDIUM

Music Request Manager < 1.3 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-3163 MEDIUM

Easy Property Listings <3.5.4 - CSRF

CVE-2024-44677 CRITICAL

eladmin < 2.7 - Server-Side Request Forgery via DatabaseController.java

CVE-2024-45504 MEDIUM

InterSafe WebFilter < V9.1SP4 Build1653 - Cross-Site Request Forgery

CVE-2024-7689 MEDIUM

Snapshot Backup < 2.1.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-7688 MEDIUM

AZIndex < 0.8.1 - Cross-Site Request Forgery via Arbitrary Index Deletion

Previous Page 112 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy