Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,350 vulnerabilities with CWE-352

CVE-2023-47649 MEDIUM

Best Restaurant Menu by PriceListo <= 1.3.1 - Cross-Site Request Forgery

CVE-2023-47644 MEDIUM

ProfileGrid - User Profiles, Memberships, Groups and Communities < 5.6.6 - Cross-Site Request Forgery

CVE-2023-47556 MEDIUM

Device Theme Switcher < 3.0.2 - Cross-Site Request Forgery

CVE-2023-47553 MEDIUM

UserHeat Plugin < 1.1.6 - Cross-Site Request Forgery

CVE-2023-47552 MEDIUM

Labib Ahmed Image Hover Effects - WordPress Plugin <= 5.5 - Cross-Site Request Forgery

CVE-2023-47551 MEDIUM

Donations Made Easy - Smart Donations < 4.0.12 - Cross-Site Request Forgery

CVE-2023-47531 MEDIUM

DroitThemes Droit Dark Mode <= 1.1.2 - Cross-Site Request Forgery

CVE-2023-47519 MEDIUM

WC Product Table WooCommerce Product Table Lite < 2.6.2 - Cross-Site Request Forgery

CVE-2023-47243 MEDIUM

CodeMShop MSHOP MY SITE <= 1.1.6 - Cross-Site Request Forgery

CVE-2023-47685 MEDIUM

Preloader Matrix < 2.0.1 - Cross-Site Request Forgery

CVE-2023-47672 MEDIUM

Swashata WP Category Post List Widget <= 2.0.3 - Cross-Site Request Forgery

CVE-2023-47671 MEDIUM

Vertical scroll recent post < 14.0 - Cross-Site Request Forgery

CVE-2023-47670 MEDIUM

Korea SNS < 1.6.3 - Cross-Site Request Forgery

CVE-2023-47667 MEDIUM

WP Full Stripe Free <= 7.0.16 - Cross-Site Request Forgery

CVE-2023-47666 MEDIUM

Code Snippets < 3.5.0 - Cross-Site Request Forgery

CVE-2023-47664 MEDIUM

Plainview Protect Passwords < 1.4 - Cross-Site Request Forgery

CVE-2023-48017 HIGH

Dreamer_cms 4.1.3 - Cross-Site Request Forgery in Permission Management

CVE-2023-5444 HIGH

McAfee ePolicy Orchestrator < 5.10.0 - Cross-Site Request Forgery in Dashboard User Addition

CVE-2023-47757 MEDIUM

AWeber Plugin <= 7.3.9 - Missing Authorization & CSRF

CVE-2023-38130 HIGH

CubeCart < 6.5.3 - Unauthenticated Cross-Site Request Forgery

CVE-2023-47687 MEDIUM

Woo Custom and Sequential Order Number <= 2.6.0 - Cross-Site Request Forgery

CVE-2023-47686 MEDIUM

Kiboko Labs Arigato Autoresponder and Newsletter <= 2.7.2.2 - Cross-Site Request Forgery

CVE-2023-47688 MEDIUM

Alexufo Youtube SpeedLoad <= 0.6.3 - Cross-Site Request Forgery

CVE-2023-6022 HIGH

prefect < 2.16.5 - Cross-Site Request Forgery

CVE-2023-43275 HIGH

DedeCMS v5.7 - Cross-Site Request Forgery via /catalog_add.php

Previous Page 162 of 374 Next

Details

Vulnerabilities 9,350

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy