Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-33689 MEDIUM

Tony Zeoli, Tony Hayes Radio Station - CSRF

CVE-2024-33688 MEDIUM

Extend Themes Teluro <= 1.0.31 - Cross-Site Request Forgery

CVE-2024-33683 MEDIUM

WP Republic Hide Dashboard Notifications <1.2.3 - CSRF

CVE-2024-33682 MEDIUM

Cookie Information A/S WP GDPR Compliance <2.0.23 - CSRF

CVE-2024-33680 MEDIUM

MainWP Child Reports <= 2.1.1 - Cross-Site Request Forgery

CVE-2024-33679 MEDIUM

FameTheme Demo Importer <1.1.5 - CSRF

CVE-2024-33678 MEDIUM

ClickCease - Cross-Site Request Forgery

CVE-2024-33677 MEDIUM

Contact Form 7 Extension For Mailchimp <0.5.70 - CSRF

CVE-2024-33651 MEDIUM

MF Gig Calendar < 1.2.1 - Cross-Site Request Forgery

CVE-2024-33650 MEDIUM

Cryout Creations Serious Slider - CSRF

CVE-2024-33638 MEDIUM

Brijesh Kothari Smart Maintenance Mode <1.4.4 - CSRF

CVE-2024-3059 MEDIUM

ENL Newsletter < 1.0.1 - Cross-Site Request Forgery via Campaign Deletion

CVE-2024-3058 MEDIUM

ENL Newsletter < 1.0.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-2429 MEDIUM

Salon booking system < 9.6.6 - Cross-Site Request Forgery in Settings Update

CVE-2024-4172 MEDIUM

idcCMS 1.35 - Cross-Site Request Forgery in /admin/admin_cl.php

CVE-2024-30560 CRITICAL

DX-Watermark < 1.0.4 - Cross-Site Request Forgery to Arbitrary File Upload and Cross-Site Scripting

CVE-2024-32958 HIGH

Giorgos Sarigiannidis Slash Admin <3.8.1 - CSRF/XSS

CVE-2024-32947 MEDIUM

WP ADA Compliance Check Basic - CSRF

CVE-2024-32806 MEDIUM

CoSchedule Headline Analyzer - CSRF

CVE-2024-32795 MEDIUM

WPCal.io - Easy Meeting Scheduler <= 0.9.5.8 - Cross-Site Request Forgery

CVE-2024-32794 MEDIUM

Paid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery

CVE-2024-32793 MEDIUM

Paid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery

CVE-2024-32773 MEDIUM

Royal Elementor Kit <1.0.116 - CSRF

CVE-2024-32728 MEDIUM

Cozmoslabs Paid Member Subscriptions - CSRF

CVE-2024-32699 MEDIUM

YITH WooCommerce Compare <2.37.0 - CSRF

Previous Page 130 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy