Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,348 vulnerabilities with CWE-352

CVE-2024-3144 MEDIUM

DedeCMS 5.7 - Cross-Site Request Forgery in makehtml_spec.php

CVE-2024-3143 MEDIUM

DedeCMS 5.7 - Cross-Site Request Forgery in member_rank.php

CVE-2024-3142 MEDIUM

Clavister E10 and E80 <= 14.00.10 - Cross-Site Request Forgery in Setting Handler

CVE-2024-3135 MEDIUM

mudler/localai < 2.17.0 - Cross-Site Request Forgery via Missing CSRF Token Validation

CVE-2024-2262 MEDIUM

Themify WooCommerce Product Filter < 1.4.4 - Cross-Site Request Forgery via Bulk Action

CVE-2024-31100 MEDIUM

Popup Cart Lite for WooCommerce < 1.1 - Cross-Site Request Forgery

CVE-2024-31096 MEDIUM

Nictitate < 1.1.4 - Cross-Site Request Forgery

CVE-2024-30541 MEDIUM

LWS Optimize < 1.9.1 - Cross-Site Request Forgery

CVE-2024-30536 MEDIUM

WPFactory Slugs Manager <2.6.7 - CSRF

CVE-2024-30526 MEDIUM

Easy Social Feed < 6.5.6 - Cross-Site Request Forgery

CVE-2024-1522 HIGH

lollms_web_ui 9.0-<9.2 - Cross-Site Request Forgery via /execute_code Endpoint

CVE-2024-3089 MEDIUM

PHPGurukul Emergency Ambulance Hiring Portal 1.0 - Cross-Site Request Forgery in Manage Ambulance Page

CVE-2024-30468 MEDIUM

All In One WP Security & Firewall <5.2.6 - CSRF

CVE-2024-30462 MEDIUM

HUSKY - Products Filter for WooCommerce < 1.3.5.1 - Cross-Site Request Forgery

CVE-2024-30460 MEDIUM

Tumult Hype Animations <1.9.11 - CSRF

CVE-2024-30455 MEDIUM

GamiPress < 6.8.5 - Cross-Site Request Forgery

CVE-2024-30454 MEDIUM

VeronaLabs WP SMS <= 6.6.2 - Cross-Site Request Forgery

CVE-2024-30521 MEDIUM

Landingi Landing Pages <3.1.1 - CSRF

CVE-2024-30518 MEDIUM

Custom WooCommerce Checkout Fields Editor <1.3.0 - CSRF

CVE-2024-30482 MEDIUM

Simple Revisions Delete < 1.5.3 - Cross-Site Request Forgery

CVE-2024-30493 MEDIUM

Church Admin <= 4.1.7 - Cross-Site Request Forgery

CVE-2024-30458 MEDIUM

WOOCS - WooCommerce Currency Switcher < 1.4.1.7 - Cross-Site Request Forgery

CVE-2024-30457 MEDIUM

WordPress Meta Data and Taxonomies Filter (MDTF) < 1.3.3.1 - Cross-Site Request Forgery

CVE-2024-30456 MEDIUM

Pluginus Wordpress Currency Switcher < 1.2.0.2 - CSRF

CVE-2024-2970 MEDIUM

News Wall <= 1.1.0 - Cross-Site Request Forgery via nwap_newslist_page() Function

Previous Page 138 of 374 Next

Details

Vulnerabilities 9,348

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy