Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-32789 HIGH

Seers < 8.1.0 - Cross-Site Request Forgery to Cross-Site Scripting

CVE-2024-32785 HIGH

The Pack Elementor addons <= 2.0.8.3 - Cross-Site Request Forgery to Cross-Site Scripting

CVE-2024-1756 MEDIUM

WooCommerce Customers Manager < 29.8 - Authenticated Information Disclosure via AJAX Action

CVE-2024-32693 HIGH

ValvePress Automatic <3.93.0 - CSRF

CVE-2024-3932 LOW

Totara LMS < 18.7 - Cross-Site Request Forgery in User Selector

CVE-2024-3825 MEDIUM

BlazeMeter Jenkins Plugin < 4.22 - Credential Enumeration

CVE-2024-32538 MEDIUM

Easy CountDowner <= 1.0.8 - Cross-Site Request Forgery leading to Stored Cross-Site Scripting

CVE-2024-32550 HIGH

BMI Adult & Kid Calculator <1.2.1 - CSRF

CVE-2024-32549 HIGH

Microkid Related Posts <4.0.3 - CSRF/XSS

CVE-2024-31503 HIGH

Dolibarr ERP CRM < 19.0.1 - Authenticated Session Cookie and CSRF Token Theft via Crafted Web Page

CVE-2024-21044 MEDIUM

Oracle Complex Maintenance, Repair, and Overhaul 12.2.3-12.2.13 - Unauthenticated Cross-Site Request Forgery in LOV

CVE-2024-21043 MEDIUM

Oracle Complex Maintenance, Repair, and Overhaul 12.2.3-12.2.13 - Cross-Site Request Forgery in LOV

CVE-2024-21032 MEDIUM

Oracle Complex Maintenance, Repair, and Overhaul 12.2.3-12.2.13 - Unauthenticated Cross-Site Request Forgery

CVE-2024-21020 MEDIUM

Oracle Complex Maintenance, Repair, and Overhaul 12.2.3-12.2.13 - Unauthenticated Cross-Site Request Forgery

CVE-2024-3873 MEDIUM

SMI SMI-EX-5414W < 1.0.03 - Cross-Site Request Forgery

CVE-2024-3782 HIGH

WBSAirback 21.02.04 - Cross-Site Request Forgery

CVE-2024-31389 MEDIUM

MihanPanel < 12.7 - Cross-Site Request Forgery

CVE-2024-31388 MEDIUM

Pauple Table & Contact Form 7 Database - Tablesome - CSRF

CVE-2024-31385 MEDIUM

ReDi Restaurant Reservation <24.0128 - CSRF

CVE-2024-31384 MEDIUM

Spa and Salon < 1.2.7 - Cross-Site Request Forgery

CVE-2024-31383 MEDIUM

PopularFX < 1.2.4 - Cross-Site Request Forgery

CVE-2024-31382 MEDIUM

Blocksy <= 2.0.22 - Cross-Site Request Forgery

CVE-2024-31381 MEDIUM

Spotlight Social Media Feeds < 1.6.10 - Cross-Site Request Forgery

CVE-2024-31379 MEDIUM

Smash Balloon Social Post Feed <4.2.1 - CSRF

CVE-2024-31378 MEDIUM

MailMunch MailChimp Forms by MailMunch <= 3.2.1 - Cross-Site Request Forgery

Previous Page 131 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy