Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,350 vulnerabilities with CWE-352

CVE-2023-4690 MEDIUM

Elementor Addon Elements <= 1.12.7 - Cross-Site Request Forgery via eae_save_config Function

CVE-2023-4689 MEDIUM

Elementor Addon Elements <= 1.12.7 - Cross-Site Request Forgery via eae_save_elements Function

CVE-2023-47550 HIGH

Donations Made Easy - Smart Donations < 4.0.12 - Stored Cross-Site Scripting via CSRF

CVE-2023-39412 MEDIUM

Intel Unison Software < 20.14.5683.0 - Authenticated Cross-Site Request Forgery

CVE-2023-48021 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via Task Update Endpoint

CVE-2023-48020 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via Task Status Change Endpoint

CVE-2023-32123 MEDIUM

Dream-Theme The7 <= 11.7.3 - Cross-Site Request Forgery

CVE-2023-31230 HIGH

Baidu Tongji generator < 1.0.2 - Cross-Site Request Forgery

CVE-2023-39166 HIGH

tagDiv Composer < 4.4 - Cross-Site Request Forgery to Cross-Site Scripting

CVE-2023-35877 MEDIUM

Vadym K. Extra User Details <= 0.5 - Cross-Site Request Forgery

CVE-2023-48063 MEDIUM

dreamer_cms 4.1.3 - Cross-Site Request Forgery via Theme Project Deletion

CVE-2023-48060 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via Task Management Add Endpoint

CVE-2023-48058 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via Task Management Execution

CVE-2023-46092 MEDIUM

LionScripts.Com Webmaster Tools <2.0 - CSRF

CVE-2023-40335 HIGH

Cleverwise Daily Quotes <= 3.2 - Cross-Site Request Forgery

CVE-2023-46201 MEDIUM

Jeff Sherk Auto Login <1.9.6 - CSRF

CVE-2023-47652 HIGH

Auto Affiliate Links <= 6.4.2.4 - Cross-Site Request Forgery Leading to Stored Cross-Site Scripting

CVE-2023-47516 HIGH

Category Post List Widget < 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2023-46634 HIGH

phoeniixx Custom My Account for Woocommerce <2.1 - XSS

CVE-2023-35041 HIGH

Webpushr Web Push Notifications <= 4.34.0 - Cross-Site Request Forgery Leading to Local File Inclusion

CVE-2023-47669 MEDIUM

Cozmoslabs User Profile Builder < 3.10.4 - Cross-Site Request Forgery

CVE-2023-34384 MEDIUM

Kebo Twitter Feed <= 1.5.12 - Cross-Site Request Forgery

CVE-2023-34378 MEDIUM

WP Hide Post <= 2.0.10 - Cross-Site Request Forgery Leading to Post Status Change

CVE-2023-33207 MEDIUM

Stop Referrer Spam <= 1.3.0 - Cross-Site Request Forgery

CVE-2023-32588 MEDIUM

BRANDbrilliance Post State Tags <= 2.0.6 - Cross-Site Request Forgery

Previous Page 163 of 374 Next

Details

Vulnerabilities 9,350

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy