Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,352 vulnerabilities with CWE-352

CVE-2023-34033 MEDIUM

Malinky Ajax Pagination & Inf Scrl <= 2.0.1 - CSRF

CVE-2023-47238 MEDIUM

WebberZone Top 10 < 3.3.3 - Cross-Site Request Forgery

CVE-2023-47237 MEDIUM

Auto Publish for Google My Business <= 3.7 - Cross-Site Request Forgery

CVE-2023-34371 MEDIUM

SpamReferrerBlock <= 2.22 - Cross-Site Request Forgery

CVE-2023-34182 MEDIUM

Peter Shaw LH Password Changer <1.55 - CSRF

CVE-2023-34181 MEDIUM

WP-Cirrus < 0.6.11 - Cross-Site Request Forgery

CVE-2023-34178 MEDIUM

Groundhogg <= 2.7.11 - Cross-Site Request Forgery

CVE-2023-46614 MEDIUM

Mat Bao Corp WP Helper Premium <= 4.5.1 - CSRF

CVE-2023-34386 MEDIUM

WPClever WPC Smart Wishlist for WooCommerce <= 4.7.1 - Cross-Site Request Forgery

CVE-2023-34002 MEDIUM

WP Inventory Manager <2.1.0.13 - CSRF

CVE-2023-31087 MEDIUM

JoomSky JS Job Manager <2.0.0 - CSRF

CVE-2023-25975 MEDIUM

Etsy Shop < 3.0.4 - Cross-Site Request Forgery

CVE-2023-45884 MEDIUM

NASA Open MCT <= 3.1.0 - Cross-Site Request Forgery via flexibleLayout Plugin

CVE-2023-25994 MEDIUM

Alex Benfica Publish to Schedule <= 4.4.2 - Cross-Site Request Forgery

CVE-2023-45857 MEDIUM

Axios 1.5.1 - Sensitive Information Exposure via X-XSRF-TOKEN Header

CVE-2023-5982 MEDIUM

UpdraftPlus WordPress Backup Plugin <=1.23.10 - Cross-Site Request Forgery

CVE-2023-5818 MEDIUM

Amazonify < 0.8.1 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2023-46242 CRITICAL

XWiki < 14.10.7 - Authenticated Cross-Site Request Forgery via Crafted URL

CVE-2023-32966 MEDIUM

CRUDLab Jazz Popups < 1.8.7 - Cross-Site Request Forgery leading to Stored Cross-Site Scripting

CVE-2023-5975 MEDIUM

ImageMapper < 1.2.6 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2023-5532 MEDIUM

ImageMapper < 1.2.6 - Cross-Site Request Forgery via imgmap_save_area_title Function

CVE-2023-5902 MEDIUM

pkp_web_application_library < 3.3.0-15 - Cross-Site Request Forgery

CVE-2023-5900 LOW

pkp_web_application_library < 3.3.0-16 - Cross-Site Request Forgery

CVE-2023-5823 MEDIUM

ThemeKraft TK Google Fonts GDPR Compliant <= 2.2.11 - Cross-Site Request Forgery

CVE-2023-47186 MEDIUM

Kadence WooCommerce Email Designer <= 1.5.11 - Cross-Site Request Forgery

Previous Page 167 of 375 Next

Details

Vulnerabilities 9,352

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy