Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,350 vulnerabilities with CWE-352

CVE-2023-27446 MEDIUM

Fluenx DeepL API translation plugin <= 2.1.4 - Cross-Site Request Forgery

CVE-2023-27444 MEDIUM

DecaLog <= 3.7.0 - Cross-Site Request Forgery

CVE-2023-27442 MEDIUM

Leyka < 3.29.2 - Cross-Site Request Forgery

CVE-2023-26535 MEDIUM

WPPOOL Sheets To WP Table Live Sync <2.12.15 - CSRF

CVE-2023-26532 MEDIUM

AccessPress Themes Social Auto Poster <2.1.4 - CSRF

CVE-2023-28749 MEDIUM

CM On Demand Search And Replace <1.3.0 - CSRF

CVE-2023-2447 MEDIUM

UserPro - Community and User Profile WordPress Plugin <= 5.1.1 - Cross-Site Request Forgery via Export Users Function

CVE-2023-5776 MEDIUM

Post Meta Data Manager <= 1.2.1 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2023-4824 HIGH

WooHoo Newspaper Magazine theme < 1.4.3 - Cross-Site Request Forgery in Settings Update

CVE-2023-48293 HIGH

XWiki Admin Tools Application < 4.5.1 - Cross-Site Request Forgery via Query on XWiki Tool

CVE-2023-38885 HIGH

OpenSIS Classic Community Edition 9.0 - Cross-Site Request Forgery

CVE-2023-48292 CRITICAL

XWiki Admin Tools 4.4-4.5.1 - Cross-Site Request Forgery via Shell Command Execution

CVE-2023-6197 MEDIUM

Audio Merchant < 5.0.4 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2023-6196 HIGH

Audio Merchant < 5.0.4 - Cross-Site Request Forgery via audio_merchant_add_audio_file Function

CVE-2023-41129 MEDIUM

Patreon WordPress < 1.8.6 - Cross-Site Request Forgery

CVE-2023-32514 MEDIUM

Google Site Verification plugin using Meta Tag < 1.2 - Cross-Site Request Forgery

CVE-2023-32504 MEDIUM

Wise Chat < 3.1.3 - Cross-Site Request Forgery

CVE-2023-32245 MEDIUM

WPDeveloper Essential Addons for Elementor Pro < 5.4.8 - Cross-Site Request Forgery

CVE-2023-31089 MEDIUM

Tradebooster Video XML Sitemap Generator - CSRF

CVE-2023-31075 MEDIUM

Arshid Easy Hide Login <1.0.8 - CSRF

CVE-2023-28780 MEDIUM

Yoast Local SEO < 14.8 - Cross-Site Request Forgery

CVE-2023-25985 MEDIUM

WordPress Tooltips < 8.2.5 - Cross-Site Request Forgery

CVE-2023-47655 MEDIUM

ANAC XML Bandi di Gara < 7.5 - Cross-Site Request Forgery

CVE-2023-47651 MEDIUM

WP Links Page < 4.9.4 - Cross-Site Request Forgery

CVE-2023-47650 MEDIUM

Peter Sterling Add Local Avatar < 12.1 - Cross-Site Request Forgery

Previous Page 161 of 374 Next

Details

Vulnerabilities 9,350

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy