Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,302 vulnerabilities with CWE-352

CVE-2026-24986 MEDIUM

Simple Membership WP user Import <= 1.9.1 - CSRF

CVE-2026-24966 MEDIUM

Copyscape Premium <= 1.4.1 - Cross-Site Request Forgery

CVE-2026-24962 MEDIUM

Brainstorm Force Sigmize <0.0.10 - CSRF

CVE-2026-24942 MEDIUM

WpEvently <= 5.1.1 - Cross-Site Request Forgery

CVE-2026-20704 MEDIUM

WRC-X1500GS-B/WRC-X1500GSA-B - CSRF

CVE-2026-1447 MEDIUM

Mail Mint < 1.19.2 - Cross-Site Request Forgery and Stored Cross-Site Scripting via Contact Note Creation

CVE-2026-25221 HIGH

PolarLearn 0-PRERELEASE-15 - Login Cross-Site Request Forgery via OAuth State Parameter

CVE-2026-24007 MEDIUM

Tuleap < 17.0-9 - Cross-Site Request Forgery in Overview Inconsistent Items

CVE-2026-0658 MEDIUM

Five Star Restaurant Reservations <2.7.9 - CSRF

CVE-2026-1745 MEDIUM

SourceCodester Medical Certificate Generator App 1.0 - CSRF

CVE-2026-1165 MEDIUM

Popup Box <= 6.1.1 - Cross-Site Request Forgery via Flawed Nonce Implementation

CVE-2026-1398 MEDIUM

Change WP URL <= 1.0 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2026-1380 MEDIUM

Bitcoin Donate Button <= 1.0 - Cross-Site Request Forgery via Settings Page

CVE-2026-1377 MEDIUM

imwptip < 1.1 - Cross-Site Request Forgery via Settings Update

CVE-2026-0818 MEDIUM

Thunderbird < 140.7.1 and 140.* < 140.7.1 and < 147.0.1 - Information Disclosure via CSS and Remote Content

CVE-2026-24345 HIGH

EZCast Pro II Firmware 1.17478.146 - Cross-Site Request Forgery in Admin UI

CVE-2026-24408 NONE

sigstore-python < 4.2.0 - Cross-Site Request Forgery in OAuth Authentication Flow

CVE-2026-24432 MEDIUM

Shenzhen Tenda W30E V2 <16.01.0.19(5037) - CSRF

CVE-2026-1208 MEDIUM

Friendly Functions for Welcart <= 1.2.5 - Cross-Site Request Forgery via Settings Page

CVE-2026-1088 MEDIUM

WordPress Login Page Editor <1.2 - CSRF

CVE-2026-1081 MEDIUM

Set Bulk Post Categories <1.1 - CSRF

CVE-2026-1076 MEDIUM

Star Review Manager <= 1.2.2 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2026-1075 MEDIUM

ZT Captcha <= 1.0.4 - Cross-Site Request Forgery via Empty Nonce Bypass

CVE-2026-1070 MEDIUM

Alex User Counter <= 6.0 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2026-24596 MEDIUM

Related Posts Thumbnails Plugin <4.3.1 - CSRF

Previous Page 15 of 373 Next

Details

Vulnerabilities 9,302

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy