Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,352 vulnerabilities with CWE-352

CVE-2023-4937 MEDIUM

BEAR WooCommerce Bulk Editor <1.1.3.3 - Cross-Site Request Forgery

CVE-2023-4935 MEDIUM

BEAR - Bulk Editor and Products Manager Professional for WooCommerce < 1.1.3.3 - Cross-Site Request Forgery

CVE-2023-4920 MEDIUM

BEAR for WordPress <= 1.1.3.3 - Cross-Site Request Forgery via woobe_save_options Function

CVE-2023-44385 HIGH

Home Assistant Companion < 2023.7 - Client-Side Request Forgery via Malicious Links

CVE-2023-45992 CRITICAL

RUCKUS Cloudpath <5.12.5538 - XSS/CSRF

CVE-2023-42435 MEDIUM

dexgate - Cross-Site Request Forgery

CVE-2023-3254 MEDIUM

Widgets for Google Reviews <= 10.9 - Cross-Site Request Forgery via setup_no_reg_header.php

CVE-2023-5626 HIGH

Open Journal System < 3.3.0-16 - Cross-Site Request Forgery

CVE-2023-45907 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via Variable Management Deletion

CVE-2023-45906 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via User Add Endpoint

CVE-2023-45905 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via Variable Management Add Functionality

CVE-2023-45904 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via Variable Update Component

CVE-2023-45903 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via Label Management Deletion

CVE-2023-45902 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via Attachment Management Deletion

CVE-2023-45901 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via /admin/category/add

CVE-2023-45141 HIGH

Fiber < 2.50.0 - Cross-Site Request Forgery via Improper Token Validation

CVE-2023-45128 CRITICAL

Fiber < 2.50.0 - Cross-Site Request Forgery via Improper CSRF Token Validation

CVE-2023-43118 HIGH

Extreme Networks EXOS 31.7.0-31.7.1 - Cross-Site Request Forgery via /jsonrpc API

CVE-2023-46087 MEDIUM

Mahlamusa Who Hit The Page - Hit Counter <1.4.14.3 - CSRF

CVE-2023-45836 MEDIUM

XYDAC Ultimate Taxonomy Manager <= 2.0 - Cross-Site Request Forgery

CVE-2023-45831 MEDIUM

AMP WP - Google AMP For WordPress <= 1.5.15 - Cross-Site Request Forgery

CVE-2023-45763 MEDIUM

Taggbox < 2.9 - Cross-Site Request Forgery

CVE-2023-45753 MEDIUM

Gilles Dumas which template file <= 4.6.0 - Cross-Site Request Forgery

CVE-2023-45752 MEDIUM

10 Quality Post Gallery <= 2.3.12 - Cross-Site Request Forgery

CVE-2023-45749 MEDIUM

AGP Font Awesome Collection <= 3.2.4 - Cross-Site Request Forgery

Previous Page 170 of 375 Next

Details

Vulnerabilities 9,352

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy