Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-7645 MEDIUM

Clinics Patient Management System 1.0 - Cross-Site Request Forgery in User Page

CVE-2024-7574 MEDIUM

Christmasify! <= 1.5.5 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-6136 MEDIUM

WordPress Plugin <8.5.6 - CSRF

CVE-2024-40488 HIGH

Kashipara Live Membership System v1.0 - CSRF

CVE-2024-40476 HIGH

SourceCodester Best House Rental Management System v1.0 - CSRF

CVE-2024-7492 HIGH

MainWP Child Reports <= 2.2 - Cross-Site Request Forgery via network_options_action()

CVE-2024-6720 HIGH

Light Poll WordPress Plugin < 1.0.0 - Cross-Site Request Forgery

CVE-2024-41811 LOW

ipl/web < 0.10.1 - Cross-Site Request Forgery

CVE-2024-5081 MEDIUM

wp-eMember < 10.7.0 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-2232 HIGH

2code/himer < 2.1.3 - Cross-Site Request Forgery via Group Invitation

CVE-2024-7460 MEDIUM

OSWAPP Warehouse Inventory System 1.0/2.0 - Cross-Site Request Forgery in /change_password.php

CVE-2024-7459 MEDIUM

OSWAPP Warehouse Inventory System 1.0/2.0 - Cross-Site Request Forgery in /edit_account.php

CVE-2024-38776 HIGH

WP GoToWebinar < 15.7 - Cross-Site Request Forgery to Cross-Site Scripting

CVE-2024-3238 HIGH

WordPress Menu Plugin <5.0.29 - XSS

CVE-2024-7367 MEDIUM

Simple Realtime Quiz System 1.0 - Cross-Site Request Forgery via /ajax.php?action=save_user

CVE-2024-32863 MEDIUM

exacqVision Web Service < 24.03 - Cross-Site Request Forgery

CVE-2024-7360 MEDIUM

Tracking Monitoring Management System 1.0 - Cross-Site Request Forgery via /ajax.php

CVE-2024-6040 HIGH

lollms_web_ui v9.8 - Cross-Site Request Forgery via Missing client_id Parameter

CVE-2024-6496 MEDIUM

Light Poll < 1.0.0 - Cross-Site Request Forgery via Poll Deletion

CVE-2024-3983 HIGH

WooCommerce Customers Manager <30.1 - CSRF

CVE-2024-2843 MEDIUM

WooCommerce Customers Manager < 30.1 - Cross-Site Request Forgery via User Deletion

CVE-2024-1747 MEDIUM

WooCommerce Customers Manager < 30.2 - CSRF & Stored XSS via AJAX Actions

CVE-2024-40883 HIGH

ELECOM Wireless LAN Routers - Cross-Site Request Forgery

CVE-2024-3083 HIGH

Proges Sensor Net Connect Firmware V2 - Cross-Site Request Forgery

CVE-2024-6412 MEDIUM

HTML Forms < 1.3.34 - Cross-Site Request Forgery

Previous Page 117 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy