Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,349 vulnerabilities with CWE-352

CVE-2023-51683 MEDIUM

Easy PayPal & Stripe Buy Now Button <1.8.1 - CSRF

CVE-2023-51681 MEDIUM

Duplicator - WordPress Migration & Backup Plugin <= 1.5.7 - Cross-Site Request Forgery

CVE-2023-7203 MEDIUM

Smart Forms < 2.6.87 - Cross-Site Request Forgery and Unauthorized Action Execution via AJAX Actions

CVE-2023-7202 MEDIUM

Fatal Error Notify < 1.5.3 - Authenticated Cross-Site Request Forgery via test_error AJAX Action

CVE-2023-36237 HIGH

Bagisto < 1.5.1 - Cross-Site Request Forgery

CVE-2023-32344 MEDIUM

Netapp Oncommand Insight < 11.1.7 - CSRF

CVE-2023-50923 MEDIUM

QUIC - Covert Channel

CVE-2023-47635 MEDIUM

Decidim 0.23.0-0.27.4 - Server-Side Request Forgery via Questionnaire Templates Preview

CVE-2023-52431 HIGH

Plack::Middleware::XSRFBlock < 0.0.19 - CSRF Protection Bypass via Empty Form Value and Cookie

CVE-2023-52060 MEDIUM

gestsup < 3.2.46 - Cross-Site Request Forgery via User Profile Edit

CVE-2023-6501 MEDIUM

Splashscreen < 0.20 - Cross-Site Request Forgery in Settings Update

CVE-2023-6499 MEDIUM

lasTunes < 3.6.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2023-50349 MEDIUM

HCL Sametime < 12.0.2 - Cross-Site Request Forgery in REST APIs

CVE-2023-47020 HIGH

NCR Terminal Handler 1.5.1 - Cross-Site Request Forgery via WSDL Function

CVE-2023-38579 HIGH

Westermo L206-F2G Firmware - Cross-Site Request Forgery via Predictable Token

CVE-2023-6676 HIGH

National Keep CyberMath 1.4-<1.5 - Cross-Site Request Forgery

CVE-2023-51813 MEDIUM

Free Open-Source Inventory Management System <1.0 - CSRF

CVE-2023-7074 HIGH

WP SOCIAL BOOKMARK MENU < 1.2 - Cross-Site Request Forgery in Settings Update

CVE-2023-6946 HIGH

Autotitle for WordPress < 1.0.3 - Cross-Site Request Forgery in Settings Update

CVE-2023-6633 MEDIUM

Side Notes WordPress Plugin < 2.0.0 - Cross-Site Request Forgery

CVE-2023-6503 MEDIUM

WP Plugin Lister < 2.1.0 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2023-6391 HIGH

Custom User CSS < 0.2 - Cross-Site Request Forgery in Settings Update

CVE-2023-6390 HIGH

WordPress Users < 1.4.0 - Cross-Site Request Forgery in Settings Update

CVE-2023-6625 MEDIUM

Product Enquiry for WooCommerce <3.1 - CSRF

CVE-2023-47024 HIGH

NCR Terminal Handler 1.5.1 - Cross-Site Request Forgery via WSDL Function

Previous Page 151 of 374 Next

Details

Vulnerabilities 9,349

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy