Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-5815 MEDIUM

GitHub Enterprise Server < 3.14 - Cross-Site Request Forgery via Incorrect Request Types

CVE-2024-40455 LOW

ThinkSAAS 3.7 - Arbitrary File Deletion

CVE-2024-6075 HIGH

Tipsandtricks-hq WP Estore < 8.5.5 - CSRF

CVE-2024-5287 HIGH

wp-affiliate-platform < 6.5.1 - Cross-Site Request Forgery in Settings Update

CVE-2024-5284 MEDIUM

wp-affiliate-platform < 6.5.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-5280 MEDIUM

wp-affiliate-platform < 6.5.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-5167 HIGH

WordPress CM Email Registration Blacklist and Whitelist <1.4.9 - CSRF

CVE-2024-5077 MEDIUM

wp-eMember < 10.6.6 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-5076 HIGH

wp-eMember < 10.6.6 - Cross-Site Request Forgery

CVE-2024-5034 HIGH

SULly < 4.3.1 - Cross-Site Request Forgery

CVE-2024-5033 MEDIUM

SULly < 4.3.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-5028 MEDIUM

CM WordPress Search And Replace Plugin < 1.3.9 - Cross-Site Request Forgery

CVE-2024-3632 MEDIUM

Smart Image Gallery < 1.0.19 - Cross-Site Request Forgery in Settings Update

CVE-2024-37941 MEDIUM

Internal Link Juicer: SEO Auto Linker for WordPress <2.24.3 - CSRF

CVE-2024-37940 HIGH

Seraphinite Accelerator (Full, premium) <= 2.21.13 - Cross-Site Request Forgery Leading to Arbitrary File Deletion

CVE-2024-37939 MEDIUM

VolThemes Patricia Lite <= 1.2.3 - Cross-Site Request Forgery

CVE-2024-37938 MEDIUM

MyThemeShop SociallyViral <1.0.10 - CSRF

CVE-2024-37213 HIGH

Ali2Woo Lite < 3.3.9 and AliNext <= 3.4.6 - Cross-Site Request Forgery

CVE-2024-35773 HIGH

Comment Reply Email <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-6024 HIGH

ContentLock < 1.0.4 - Cross-Site Request Forgery via Group/Email Deletion

CVE-2024-6023 HIGH

ContentLock < 1.0.4 - Cross-Site Request Forgery via Email Addition

CVE-2024-6022 HIGH

ContentLock < 1.0.4 - Cross-Site Request Forgery in Settings Update

CVE-2024-1375 MEDIUM

Event post < 5.9.10 - Cross-Site Request Forgery via Missing Nonce Check in save_bulkdatas

CVE-2024-1845 HIGH

VikRentCar Car Rental Management System < 1.3.2 - Cross-Site Request Forgery

CVE-2024-6649 MEDIUM

Employee and Visitor Gate Pass Logging System 1.0 - Cross-Site Request Forgery in Users.php save_users Function

Previous Page 119 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy