Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,348 vulnerabilities with CWE-352

CVE-2024-24593 CRITICAL

Allegro AI's ClearML <1.14.1 - CSRF

CVE-2024-0859 MEDIUM

WordPress Affiliates Manager <2.9.34 - CSRF

CVE-2024-0796 MEDIUM

WooCommerce <1.0.6.1 - CSRF

CVE-2024-0790 MEDIUM

Pluginus Wolf - Wordpress Posts Bulk Editor And Products Manager Professional < 1.0.8.1 - CSRF

CVE-2024-0660 MEDIUM

Formidable Forms < 6.7.2 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-0428 HIGH

kobzarev/index_now <= 2.6.3 - Cross-Site Request Forgery via 'reset_form' Function

CVE-2024-0374 MEDIUM

Views for WPForms <= 3.2.2 - Unauthenticated CSRF via 'create_view'

CVE-2024-0373 MEDIUM

Views for WPForms < 3.2.2 - Cross-Site Request Forgery via 'save_view' Function

CVE-2024-24469 HIGH

flusity-CMS 2.33 - Cross-Site Request Forgery to Code Execution via delete_post.php

CVE-2024-24468 HIGH

flusity-CMS 2.33 - Cross-Site Request Forgery via add_customblock.php

CVE-2024-24470 HIGH

flusity-CMS 2.33 - Cross-Site Request Forgery via update_post.php

CVE-2024-23831 HIGH

LedgerSMB 1.3.0-1.10.29 - Cross-Site Request Forgery in setup.pl

CVE-2024-24524 HIGH

flusity-CMS 2.33 - Cross-Site Request Forgery via add_menu.php

CVE-2024-1162 MEDIUM

Orbit Fox by ThemeIsle <2.10.29 - CSRF

CVE-2024-22859 HIGH

laravel/livewire < 3.0.4 - Cross-Site Request Forgery via getCsrfToken Function

CVE-2024-22140 HIGH

Cozmoslabs Profile Builder Pro - CSRF

CVE-2024-22136 MEDIUM

DroitThemes Droit Elementor Addons - CSRF

CVE-2024-22304 MEDIUM

Borbis Media FreshMail For WordPress <2.3.2 - CSRF

CVE-2024-22291 MEDIUM

Marco Milesi Browser Theme Color - CSRF

CVE-2024-22285 MEDIUM

Elise Bosse Frontpage Manager - CSRF

CVE-2024-22143 MEDIUM

WP Spell Check <9.17 - CSRF

CVE-2024-22290 HIGH

AboZain,O7abeeb,UnitOne Custom Dashboard Widgets <1.3.1 - CSRF/XSS

CVE-2024-22287 HIGH

Better Anchor Links <1.7.5 - CSRF/XSS

CVE-2024-22643 MEDIUM

SEO Panel 4.10.0 - Cross-Site Request Forgery via Password Reset

CVE-2024-0667 MEDIUM

10web Form Maker < 1.15.21 - Cross-Site Request Forgery via Missing Nonce Validation

Previous Page 146 of 374 Next

Details

Vulnerabilities 9,348

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy