Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,348 vulnerabilities with CWE-352

CVE-2024-1943 MEDIUM

Yuki theme - Cross-Site Request Forgery

CVE-2024-1912 MEDIUM

Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxUpdateFolderPosition

CVE-2024-1910 MEDIUM

Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxClearCategory

CVE-2024-1909 MEDIUM

Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxRenameCategory Function

CVE-2024-1907 MEDIUM

Categorify < 1.0.7.4 - Unauthenticated Cross-Site Request Forgery via categorifyAjaxDeleteCategory

CVE-2024-1906 MEDIUM

Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxAddCategory Function

CVE-2024-1889 HIGH

SMA Cluster Controller 01.05.01.R - Cross-Site Request Forgery

CVE-2024-1362 MEDIUM

Colibri Page Builder <= 1.0.253 - Cross-Site Request Forgery via cp_shortcode_refresh() Function

CVE-2024-1361 MEDIUM

Colibri Page Builder <= 1.0.253 - Cross-Site Request Forgery via apiCall() Function

CVE-2024-1360 MEDIUM

Colibri WP < 1.0.94 - Cross-Site Request Forgery via colibriwp_install_plugin()

CVE-2024-1777 MEDIUM

Admin side data storage for Contact Form 7 <= 1.1.1 - Cross-Site Request Forgery via Settings Update Function

CVE-2024-26445 MEDIUM

flusity-CMS v2.33 - Cross-Site Request Forgery via /core/tools/delete_place.php

CVE-2024-26352 HIGH

flusity-CMS v2.33 - Cross-Site Request Forgery via /core/tools/add_places.php

CVE-2024-26351 MEDIUM

flusity-CMS 2.33 - Cross-Site Request Forgery via /core/tools/update_place.php

CVE-2024-26350 HIGH

flusity-CMS v2.33 - Cross-Site Request Forgery via /core/tools/update_contact_form_settings.php

CVE-2024-26349 MEDIUM

flusity-CMS v2.33 - Cross-Site Request Forgery via /core/tools/delete_translation.php

CVE-2024-23094 HIGH

Flusity-CMS 2.33 - Cross-Site Request Forgery via /cover/addons/info_media_gallery/action/edit_addon_post.php

CVE-2024-24837 MEDIUM

FG PrestaShop to WooCommerce <4.44.3 - CSRF

CVE-2024-24802 MEDIUM

JTRT Responsive Tables <4.1.9 - CSRF

CVE-2024-24798 MEDIUM

SoniNow Team Debug <= 1.10 - Cross-Site Request Forgery

CVE-2024-25905 MEDIUM

Multi Step Form <= 1.7.18 - Cross-Site Request Forgery

CVE-2024-25904 MEDIUM

TinyMCE and TinyMCE Advanced Professional Formats and Styles <= 1.1.2 - Cross-Site Request Forgery

CVE-2024-24876 MEDIUM

Admin Menu Editor < 1.12 - Cross-Site Request Forgery

CVE-2024-24872 MEDIUM

Themify Builder < 7.0.5 - Cross-Site Request Forgery

CVE-2024-24849 MEDIUM

Quicksand Post Filter jQuery Plugin <3.1.1 - CSRF

Previous Page 144 of 374 Next

Details

Vulnerabilities 9,348

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy