Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,350 vulnerabilities with CWE-352

CVE-2023-47791 MEDIUM

Leadster < 1.1.2 - Cross-Site Request Forgery

CVE-2023-47785 HIGH

LayerSlider < 7.7.9 - Cross-Site Request Forgery

CVE-2023-47781 HIGH

Thrive Theme Builder < 3.24.2 - Cross-Site Request Forgery

CVE-2023-47775 MEDIUM

Comments - wpDiscuz <= 7.6.11 - Cross-Site Request Forgery

CVE-2023-39925 MEDIUM

PeepSo Download Community by PeepSo <= 6.1.6.0 - Cross-Site Request Forgery

CVE-2023-47765 MEDIUM

CodeBard's Patron Button and Widgets for Patreon <= 2.1.9 - Cross-Site Request Forgery

CVE-2023-47758 MEDIUM

Multi Step Form <= 1.7.11 - Cross-Site Request Forgery

CVE-2023-47014 MEDIUM

Sourcecodester Sticky Notes App Using PHP with Source Code 1.0 - Cross-Site Request Forgery via add-note.php

CVE-2023-25987 MEDIUM

My YouTube Channel <= 3.23.3 - Cross-Site Request Forgery

CVE-2023-25986 MEDIUM

WattIsIt PayGreen - Ancienne version <= 4.10.2 - Cross-Site Request Forgery

CVE-2023-6008 MEDIUM

UserPro < 5.1.1 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2023-5537 MEDIUM

Delete Usermeta <= 1.1.2 - Cross-Site Request Forgery via delumet_options_page()

CVE-2023-5383 MEDIUM

Funnelforms Free <= 3.4 - Cross-Site Request Forgery via fnsf_copy_posts Function

CVE-2023-5382 MEDIUM

Funnelforms Free <= 3.4 - Cross-Site Request Forgery via fnsf_delete_posts Function

CVE-2023-47350 HIGH

SwiftyEdit < 1.2.0 - Cross-Site Request Forgery via User Password Update

CVE-2023-2497 HIGH

UserPro < 5.1.0 - Cross-Site Request Forgery and PHP Object Injection via Import Settings Function

CVE-2023-2440 HIGH

UserPro < 5.1.1 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2023-2438 MEDIUM

UserPro < 5.1.0 - Cross-Site Request Forgery via userpro_save_userdata Function

CVE-2023-26542 MEDIUM

Exeebit phpinfo() WP <= 4.0 - Cross-Site Request Forgery

CVE-2023-28747 MEDIUM

Codeboxr CBX Currency Converter <3.0.3 - CSRF

CVE-2023-27633 MEDIUM

Pixelgrade Customify < 2.10.4 - Cross-Site Request Forgery

CVE-2023-27461 MEDIUM

Yoohoo Plugins When Last Login <= 1.2.1 - Cross-Site Request Forgery

CVE-2023-27458 MEDIUM

WpStream < 4.4.10 - Cross-Site Request Forgery

CVE-2023-27457 MEDIUM

Add Expires Headers & Optimized Minify <= 2.7 - Cross-Site Request Forgery

CVE-2023-27453 MEDIUM

LWS Tools <= 2.3.1 - Cross-Site Request Forgery

Previous Page 160 of 374 Next

Details

Vulnerabilities 9,350

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy