Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,350 vulnerabilities with CWE-352

CVE-2023-49379 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via Friend Link Save Endpoint

CVE-2023-49378 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via /admin/form/save

CVE-2023-49377 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via /admin/tag/update

CVE-2023-49376 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via Tag Deletion Endpoint

CVE-2023-49375 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via Friendship Link Update Endpoint

CVE-2023-49374 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via Slide Update Endpoint

CVE-2023-49373 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via Broadcast Image Deletion Endpoint

CVE-2023-49372 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via /admin/slide/save

CVE-2023-24048 HIGH

Connectize AC21000 G6 Firmware 641.139.1.1256 - Cross-Site Request Forgery via /man_password.htm

CVE-2023-5990 MEDIUM

funnelforms_free < 3.4.2 - Cross-Site Request Forgery in Form Actions

CVE-2023-5979 MEDIUM

eCommerce Product Catalog Plugin for WordPress < 3.3.26 - Cross-Site Request Forgery in Admin Pages

CVE-2023-5884 MEDIUM

Word Balloon < 4.20.3 - Cross-Site Request Forgery via Avatar Deletion

CVE-2023-6474 MEDIUM

PHPGurukul Nipah Virus Testing Management System 1.0 - CSRF

CVE-2023-38268 MEDIUM

IBM InfoSphere Information Server 11.7 - CSRF

CVE-2023-47870 MEDIUM

wpForo Forum < 2.2.6 - Cross-Site Request Forgery leading to Forced User Logout

CVE-2023-48278 HIGH

Nitin Rathod WP Forms Puzzle Captcha < 4.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2023-47875 MEDIUM

Perfmatters < 2.1.6 - Cross-Site Request Forgery

CVE-2023-5803 MEDIUM

Business Directory Plugin - Easy Listing Directories for WordPress < 6.3.10 - Cross-Site Request Forgery

CVE-2023-48754 MEDIUM

Wap Nepal Delete Post Revisions In WordPress <4.6 - CSRF

CVE-2023-48328 MEDIUM

Imagely NextGEN Gallery <= 3.37 - Cross-Site Request Forgery

CVE-2023-48914 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via /admin/archives/add

CVE-2023-48913 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via /admin/archives/delete

CVE-2023-48912 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via Article Management Modification

CVE-2023-48281 MEDIUM

Super Blog Me Broken Link Checker for YouTube < 1.3 - Cross-Site Request Forgery

CVE-2023-48279 MEDIUM

Seraphinite Post .DOCX Source < 2.16.6 - Cross-Site Request Forgery

Previous Page 158 of 374 Next

Details

Vulnerabilities 9,350

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy