Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,348 vulnerabilities with CWE-352

CVE-2024-2969 MEDIUM

WP-Eggdrop <= 0.1 - Cross-Site Request Forgery via wpegg_updateOptions()

CVE-2024-2964 MEDIUM

Pocket News Generator <0.2.0 - CSRF

CVE-2024-2113 MEDIUM

Ninja Forms Contact Form - WordPress <3.8.0 - CSRF

CVE-2024-30421 MEDIUM

Pixelite Events Manager <6.4.7.1 - CSRF

CVE-2024-2110 MEDIUM

WordPress Events Manager <6.4.7.1 - CSRF

CVE-2024-28233 HIGH

JupyterHub < 4.1.0 - Cross-Site Scripting via Malicious Subdomain

CVE-2024-29773 HIGH

BizPrint < 4.5.5 - Cross-Site Request Forgery to Cross-Site Scripting

CVE-2024-23515 MEDIUM

Cincopa Post Video Players < 1.159 - Cross-Site Request Forgery

CVE-2024-23510 MEDIUM

Don't Muck My Markup < 1.8 - Cross-Site Request Forgery

CVE-2024-2911 MEDIUM

Tianjin PubliCMS 4.0.202302.e - CSRF

CVE-2024-2951 MEDIUM

Metagauss RegistrationMagic <5.3.0.0 - CSRF

CVE-2024-29684 CRITICAL

DedeCMS v5.7 - Cross-Site Request Forgery via makehtml_homepage.php

CVE-2024-2904 MEDIUM

Extend Themes Calliope <= 1.0.33 - Cross-Site Request Forgery

CVE-2024-29009 MEDIUM

easy-popup-show - Unauthenticated Cross-Site Request Forgery

CVE-2024-1962 HIGH

CM Download Manager < 2.9.1 - Cross-Site Request Forgery via Download Edit Action

CVE-2024-1232 MEDIUM

CM Download Manager < 2.9.0 - Cross-Site Request Forgery via Download Deletion

CVE-2024-1231 MEDIUM

CM Download Manager < 2.9.0 - Cross-Site Request Forgery via Unpublish Action

CVE-2024-2326 MEDIUM

Caseproof Prettylinks < 3.6.3 - CSRF

CVE-2024-2823 MEDIUM

DedeCMS 5.7 - Cross-Site Request Forgery in mda_main.php

CVE-2024-2822 MEDIUM

DedeCMS 5.7 - Cross-Site Request Forgery via vote_edit.php aid Parameter

CVE-2024-29499 HIGH

Anchor CMS 0.12.7 - Cross-Site Request Forgery via User Deletion Endpoint

CVE-2024-29338 LOW

Anchor CMS 0.12.7 - Cross-Site Request Forgery via Category Deletion Endpoint

CVE-2024-2821 MEDIUM

DedeCMS 5.7 - Cross-Site Request Forgery via friendlink_edit.php id Parameter

CVE-2024-2820 MEDIUM

dedecms 5.7 - Cross-Site Request Forgery via baidunews.php filename Parameter

CVE-2024-2449 HIGH

LoadMaster 7.2.49.0-7.2.54.8 and 7.2.55.0-7.2.59.2 - Cross-Site Request Forgery

Previous Page 139 of 374 Next

Details

Vulnerabilities 9,348

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy