Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-7687 MEDIUM

AZIndex WordPress plugin < 0.8.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-6925 MEDIUM

TrueBooker < 1.0.2 - Cross-Site Request Forgery in Settings Update

CVE-2024-6856 MEDIUM

WP MultiTasking < 0.1.12 - Cross-Site Request Forgery in Settings Update

CVE-2024-6855 MEDIUM

WP MultiTasking < 0.1.12 - Cross-Site Request Forgery in Exit Popup Update

CVE-2024-6853 MEDIUM

WP MultiTasking < 0.1.12 - Cross-Site Request Forgery in Welcome Popup Update

CVE-2024-6852 MEDIUM

WP MultiTasking < 0.1.12 - Cross-Site Request Forgery in Settings Update

CVE-2024-45172 MEDIUM

za-internet C-MOR Video Surveillance <6.00PL01 - CSRF

CVE-2024-8414 MEDIUM

SourceCodester Insurance Management System 1.0 - CSRF

CVE-2024-7690 MEDIUM

DN Popup WordPress Plugin <= 1.2.2 - Cross-Site Request Forgery in Settings Update

CVE-2024-45527 MEDIUM

REDCap 14.7.0 - Cross-Site Request Forgery via Project Title HTML Injection

CVE-2024-45270 MEDIUM

Carousel Slider < 2.2.4 - Cross-Site Request Forgery in Hero Image Selection

CVE-2024-45269 MEDIUM

Carousel Slider < 2.0 - Cross-Site Request Forgery in Carousel Image Selection

CVE-2024-8319 MEDIUM

Tourfic < 2.11.20 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-43947 MEDIUM

Dinesh Karki WP Armour Extended <= 1.26 - Cross-Site Request Forgery

CVE-2024-42793 HIGH

Kashipara Music Management System v1.0 - CSRF

CVE-2024-8200 MEDIUM

Reviews Feed - WordPress <1.1.2 - CSRF

CVE-2024-45264 HIGH

SkySystem Arfa-CMS <5.1.3124 - CSRF

CVE-2024-43356 MEDIUM

bobbingwide oik <= 4.12.0 - Cross-Site Request Forgery

CVE-2024-43340 MEDIUM

Advanced Form Integration <= 1.89.4 - Cross-Site Request Forgery

CVE-2024-43339 MEDIUM

WebinarPress < 1.33.20 - Cross-Site Request Forgery

CVE-2024-43337 MEDIUM

Brave Popup Builder < 0.7.0 - Cross-Site Request Forgery

CVE-2024-43336 MEDIUM

WP User Manager <= 2.9.10 - Cross-Site Request Forgery

CVE-2024-43325 MEDIUM

Naiche Dark Mode for WP Dashboard <1.2.3 - CSRF

CVE-2024-43316 MEDIUM

Stripe Payments For WooCommerce <1.9.1 - CSRF

CVE-2024-43301 HIGH

Fonts Plugin Fonts <= 3.7.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Previous Page 113 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy