Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,302 vulnerabilities with CWE-352

CVE-2025-13990 MEDIUM

Mamurjor Employee Info <1.0.0 - CSRF

CVE-2025-13657 MEDIUM

HelpDesk contact form plugin <= 1.1.5 - Cross-Site Request Forgery via handle_query_args() Function

CVE-2025-13527 MEDIUM

xShare <= 1.0.1 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-13521 MEDIUM

WP Status Notifier <= 1.0 - Cross-Site Request Forgery via Settings Update

CVE-2025-13520 MEDIUM

MTCaptcha WordPress Plugin <2.7.2 - CSRF

CVE-2025-13519 MEDIUM

SVG Map Plugin <= 1.0.0 - Cross-Site Request Forgery via AJAX Actions

CVE-2025-53344 MEDIUM

Thim Core < 2.3.3 - Cross-Site Request Forgery

CVE-2025-15405 MEDIUM

phpems < 11.0 - Cross-Site Request Forgery

CVE-2025-31054 HIGH

Themefy Bloggie < 2.0.8 - Cross-Site Request Forgery and Reflected Cross-Site Scripting

CVE-2025-62123 MEDIUM

Ink themes WP Gmail SMTP <1.0.7 - CSRF

CVE-2025-62113 MEDIUM

Co-marquage service-public.Fr - CSRF

CVE-2025-62101 MEDIUM

Pardakht Delkhah <= 3.0.0 - Cross-Site Request Forgery

CVE-2025-63040 MEDIUM

Saad Iqbal Post Snippets <4.0.11 - CSRF

CVE-2025-63014 MEDIUM

Gmedia Photo Gallery <1.24.1 - CSRF

CVE-2025-62148 MEDIUM

Eugen Bobrowski Robots.Txt <1.6.1 - CSRF

CVE-2025-62133 MEDIUM

Manidoraisamy FormFacade <1.4.1 - CSRF

CVE-2025-62089 MEDIUM

Mergado Pack <= 4.2.1 - Cross-Site Request Forgery

CVE-2025-62084 MEDIUM

Imdad Next Web iNext Woo Pincode Checker <2.3.1 - CSRF

CVE-2025-62080 MEDIUM

Channelize.Io Team Live Shopping & Shoppable Videos For WooCommerce...

CVE-2025-59130 MEDIUM

Appointify <= 1.0.8 - Cross-Site Request Forgery

CVE-2025-62134 MEDIUM

A WP Life Contact Form Widget <1.5.1 - CSRF

CVE-2025-62120 MEDIUM

OpenHook <= 4.3.1 - Cross-Site Request Forgery

CVE-2025-62117 MEDIUM

EasyIndex <= 1.1.1704 - Cross-Site Request Forgery

CVE-2025-62992 MEDIUM

Everest Backup <= 2.3.11 - Cross-Site Request Forgery and Path Traversal

CVE-2025-49028 HIGH

Zoho ZeptoMail <= 3.3.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Previous Page 20 of 373 Next

Details

Vulnerabilities 9,302

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy