Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,349 vulnerabilities with CWE-352

CVE-2023-47718 MEDIUM

IBM Maximo Asset Management 7.6.1.3 and Maximo Application Suite 8.10-8.11 - Cross-Site Request Forgery

CVE-2023-5006 MEDIUM

WP Discord Invite < 2.5.1 - Cross-Site Request Forgery

CVE-2023-7125 MEDIUM

Community by PeepSo WordPress plugin < 6.3.1.2 - Cross-Site Request Forgery via User Post Creation

CVE-2023-7083 MEDIUM

Voting Record < 2.0 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2023-6292 MEDIUM

Ecwid Ecommerce Shopping Cart <6.12.5 - CSRF

CVE-2023-3178 MEDIUM

POST SMTP Mailer WordPress Plugin < 2.5.7 - Cross-Site Request Forgery via Log Deletion AJAX Action

CVE-2023-0824 MEDIUM

Userplus < 2.0 - CSRF

CVE-2023-51063 HIGH

QStar Archive Solutions <RELEASE_3-0 - XSS

CVE-2023-51949 HIGH

Verydows v2.0 - Cross-Site Request Forgery via Role Controller

CVE-2023-6244 MEDIUM

EventON WordPress Plugin <=4.5.4 (Pro) & <=2.2.8 (Free) - Unauthenticated CSRF via save_virtual_event_settings

CVE-2023-6242 MEDIUM

EventON - WordPress Virtual Event Calendar Plugin <4.5.4-2.2.7 - CSRF

CVE-2023-7048 LOW

My Sticky Bar < 2.6.6 - Cross-Site Request Forgery via Contact Leads Export

CVE-2023-4248 MEDIUM

GiveWP < 2.33.3 - Cross-Site Request Forgery via Stripe Disconnect Action

CVE-2023-4247 MEDIUM

GiveWP < 2.33.3 - Cross-Site Request Forgery via give_sendwp_disconnect Function

CVE-2023-4246 MEDIUM

GiveWP < 2.33.3 - Cross-Site Request Forgery via give_sendwp_remote_install_handler

CVE-2023-6520 MEDIUM

WP 2FA - WordPress <2.5.0 - CSRF

CVE-2023-5448 HIGH

WP Register Profile With Shortcode <= 3.5.9 - Cross-Site Request Forgery via Password Update Function

CVE-2023-5455 MEDIUM

FreeIPA < 4.6.10 - Cross-Site Request Forgery in Session Login

CVE-2023-48258 MEDIUM

Bosch nexo-os 1000-1500-sp2 - Cross-Site Request Forgery

CVE-2023-50932 HIGH

savignano S/Notify < 4.0.2 - Cross-Site Request Forgery in Configuration Settings

CVE-2023-50931 HIGH

savignano S/Notify < 2.0.1 - Cross-Site Request Forgery via Configuration Settings

CVE-2023-50930 HIGH

savignano S/Notify < 4.0.2 - Cross-Site Request Forgery

CVE-2023-6788 MEDIUM

Metform Elementor Contact Form Builder <= 3.8.1 - Cross-Site Request Forgery via Hubspot Integration

CVE-2023-52074 HIGH

FlyCms v1.0 - Cross-Site Request Forgery via Webconfig Update Component

CVE-2023-52073 HIGH

FlyCms v1.0 - Cross-Site Request Forgery via /system/site/config_footer_updagte

Previous Page 152 of 374 Next

Details

Vulnerabilities 9,349

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy