Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,348 vulnerabilities with CWE-352

CVE-2023-7269 HIGH

ArtPlacer Widget < 2.21.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2023-47677 HIGH

Realtek rtl819x Jungle SDK v3.4.11 - Cross-Site Request Forgery via Boa CSRF Protection Bypass

CVE-2023-25697 MEDIUM

GamiPress < 2.5.6 - Cross-Site Request Forgery

CVE-2023-50900 MEDIUM

Averta Master Slider <= 3.9.10 - Cross-Site Request Forgery

CVE-2023-6492 MEDIUM

Simple Sitemap - Create a Responsive HTML Sitemap <= 3.5.13 - Cross-Site Request Forgery via admin_notices Hook

CVE-2023-47845 MEDIUM

Grab & Save < 1.0.4 - Cross-Site Request Forgery

CVE-2023-6968 HIGH

The Moneytizer < 9.6.3 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2023-7045 MEDIUM

GitLab 13.11-16.10.5 16.11-16.11.2 17.0 - Cross-Site Request Forgery via Kubernetes Agent Server

CVE-2023-44478 HIGH

WP Hive Events Rich Snippets for Google - CSRF

CVE-2023-7065 MEDIUM

Stop Spammers Security < 2024.4 - Cross-Site Request Forgery via sfs_process AJAX Action

CVE-2023-41864 MEDIUM

PeproDev CF7 Database < 1.8.0 - Cross-Site Request Forgery

CVE-2023-6385 MEDIUM

WordPress Ping Optimizer <2.35.1.3.0 - CSRF

CVE-2023-49965 MEDIUM

SpaceX Starlink Wi-Fi router Gen 2 <2023.48.0 - XSS

CVE-2023-44999 MEDIUM

WooCommerce Stripe Payment Gateway < 7.6.0 - Cross-Site Request Forgery

CVE-2023-39311 HIGH

Fusion Builder < 3.11.1 - Cross-Site Request Forgery

CVE-2023-49838 MEDIUM

KlbTheme Clotya, Cosmetsy, Furnob, Bacola, Partdo, Medibazar, Machic themes - Cross-Site Request Forgery

CVE-2023-51416 MEDIUM

EnvaloSimple < 2.2 - Cross-Site Request Forgery

CVE-2023-51487 MEDIUM

ARI Stream Quiz <= 1.2.32 - Cross-Site Request Forgery

CVE-2023-51486 MEDIUM

WooCommerce PDF Invoice Builder <1.2.101 - CSRF

CVE-2023-51474 HIGH

Pixelemu TerraClassifieds <2.0.3 - CSRF

CVE-2023-51521 MEDIUM

ExpressTech Quiz And Survey Master - CSRF

CVE-2023-51512 MEDIUM

WBW Product Table by WBW <= 1.8.6 - Cross-Site Request Forgery

CVE-2023-51510 MEDIUM

Atlas Gondal Export Media URLs <= 1.0 - Cross-Site Request Forgery

CVE-2023-51491 MEDIUM

Averta Depicter Slider <2.0.6 - CSRF

CVE-2023-51489 MEDIUM

Automattic, Inc. Crowdsignal Dashboard - CSRF

Previous Page 149 of 374 Next

Details

Vulnerabilities 9,348

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy