Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,321 vulnerabilities with CWE-352

CVE-2025-48083 HIGH

andriassundskard wpNamedUsers <=0.5 - CSRF

CVE-2025-48078 HIGH

Slick Google Map <= 0.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-48077 HIGH

Block Country <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-10691 MEDIUM

Easy Email Subscription <1.3 - CSRF

CVE-2025-12456 MEDIUM

Centangle-Team WordPress <1.0.0 - CSRF

CVE-2025-12452 MEDIUM

Visit Counter plugin for WordPress 1.0 - CSRF

CVE-2025-12416 MEDIUM

Pagerank Tools <= 1.1.5 - Unauthenticated Stored Cross-Site Scripting via CSRF in pr_save_settings()

CVE-2025-12415 MEDIUM

MapMap <= 1.1 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-12413 MEDIUM

Social Media WPCF7 Stop Words <1.1.3 - CSRF

CVE-2025-12412 MEDIUM

Top Bar Notification <= 1.12 - Cross-Site Request Forgery via tbn_ajax_add() Function

CVE-2025-12410 MEDIUM

SH Contextual Help <= 3.2.1 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-12403 MEDIUM

Associados Amazon Plugin <0.8 - CSRF

CVE-2025-12402 MEDIUM

LinkedIn Resume plugin <2.00 - CSRF

CVE-2025-12400 MEDIUM

LMB^Box Smileys < 3.2 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-12188 MEDIUM

Posts Navigation Links for Sections and Headings - Free by WP Masters <= 1.0.1 - Cross-Site Request Forgery

CVE-2025-12401 MEDIUM

Label Plugins <= 0.5 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-12070 MEDIUM

ViaAds <= 2.1.2 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-12069 MEDIUM

WP Global Screen Options <0.2 - CSRF

CVE-2025-64368 MEDIUM

Bard < 1.6 - Cross-Site Request Forgery

CVE-2025-64357 MEDIUM

Advanced Database Cleaner <= 3.1.6 - Cross-Site Request Forgery

CVE-2025-8383 MEDIUM

Depicter - Popup & Slider Builder <= 4.0.4 - Cross-Site Request Forgery via depicter-document-rules-store Function

CVE-2025-10317 MEDIUM

Quick.Cart 6.7 - Cross-Site Request Forgery in Product Creation

CVE-2025-10930 MEDIUM

Drupal Currency < 3.5.0 - Cross-Site Request Forgery

CVE-2025-62797 HIGH

FluxCP - Cross-Site Request Forgery via Session Cookie Authorization

CVE-2025-12479 HIGH

BLU-IC2 and BLU-IC4 Firmware < 1.20 - Cross-Site Request Forgery

Previous Page 30 of 373 Next

Details

Vulnerabilities 9,321

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy