Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,302 vulnerabilities with CWE-352

CVE-2025-59009 MEDIUM

Astoundify Listify <= 3.2.5 - Cross-Site Request Forgery

CVE-2025-58999 MEDIUM

loopus WP Attractive Donations System - CSRF

CVE-2025-66407 MEDIUM

Weblate < 5.15 - Server-Side Request Forgery via Mercurial Repository URL

CVE-2025-14462 MEDIUM

Lucky Draw Contests <= 4.2 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-14454 MEDIUM

Image Slider by Ays- Responsive Slider and Carousel plugin for Word...

CVE-2025-14394 MEDIUM

Popover Windows <= 1.2 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-13970 HIGH

OpenPLC_V3 - Cross-Site Request Forgery

CVE-2025-14159 MEDIUM

Secure Copy Content Protection <=4.9.2 - Cross-Site Request Forgery

CVE-2025-12407 MEDIUM

WordPress Events Manager - Calendar <7.2.2.2 - CSRF

CVE-2025-10684 MEDIUM

Construction Light WordPress <1.6.8 - CSRF

CVE-2025-58576 MEDIUM

GroupSession Free < 5.3.0, byCloud < 5.3.3, ZION < 5.3.2 - Cross-Site Request Forgery

CVE-2025-14391 MEDIUM

Simple Theme Changer <= 1.0 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-14354 MEDIUM

Resource Library for Logged In Users <= 1.5 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-14165 MEDIUM

Kirim.Email WooCommerce Integration <1.2.9 - CSRF

CVE-2025-14162 MEDIUM

BMLT WordPress Plugin <3.11.4 - CSRF

CVE-2025-14161 MEDIUM

Truefy Embed <= 1.1.0 - Cross-Site Request Forgery via Settings Update Action

CVE-2025-14160 MEDIUM

Upcoming for Calendly <1.2.4 - CSRF

CVE-2025-14158 MEDIUM

WordPress Coding Blocks <1.1.0 - CSRF

CVE-2025-14062 MEDIUM

Animated Pixel Marquee Creator <1.0.0 - CSRF

CVE-2025-13987 MEDIUM

WordPress Purchase & Expense Manager <1.1.2 - CSRF

CVE-2025-13408 MEDIUM

WordPress Media Optimize Images 2.5.2 - CSRF

CVE-2025-13366 MEDIUM

Rabbit Hole < 1.1 - Cross-Site Request Forgery via Reset Functionality

CVE-2025-13363 MEDIUM

IMAQ CORE <= 1.2.1 - Cross-Site Request Forgery via URL Structure Settings Update

CVE-2025-65472 HIGH

easyimages2.0 < 2.8.6 - Cross-Site Request Forgery in Admin Panel

CVE-2025-67646 LOW

MediaWiki TableProgressTracking <1.2.0 - CSRF

Previous Page 23 of 373 Next

Details

Vulnerabilities 9,302

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy