Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,321 vulnerabilities with CWE-352

CVE-2025-64149 MEDIUM

Jenkins Publish to Bitbucket Plugin < 0.4 - Cross-Site Request Forgery

CVE-2025-64141 MEDIUM

Jenkins Nexus Task Runner Plugin <= 0.9.2 - Cross-Site Request Forgery

CVE-2025-64138 MEDIUM

Jenkins Start Windocks Containers Plugin < 1.4 - Cross-Site Request Forgery

CVE-2025-64136 MEDIUM

Jenkins Themis Plugin < 1.4.1 - Cross-Site Request Forgery

CVE-2025-64133 MEDIUM

Jenkins Extensible Choice Parameter Plugin < 239.v5f5c278708cf - Cross-Site Request Forgery

CVE-2025-64290 MEDIUM

Premmerce Product Search <2.2.4 - CSRF

CVE-2025-64288 MEDIUM

Premmerce <= 1.3.19 - Cross-Site Request Forgery

CVE-2025-64286 MEDIUM

WpEstate WP Rentals <= 3.13.1 - Cross-Site Request Forgery

CVE-2025-64226 MEDIUM

colabrio Stockie Extra <= 1.2.11 - CSRF

CVE-2025-64201 MEDIUM

PowerPress Podcasting <11.13.12 - CSRF

CVE-2025-60075 HIGH

Allegro Marketing hpb seo <3.0.1 - CSRF

CVE-2025-58939 MEDIUM

Super Store Finder <= 7.5 - Cross-Site Request Forgery

CVE-2025-57931 MEDIUM

Ays Pro Popup box <= 5.5.4 - Cross-Site Request Forgery

CVE-2025-55758 MEDIUM

JDownloads component for Joomla 1.0.0-4.0.47 - Cross-Site Request Forgery

CVE-2025-62258 MEDIUM

Liferay DXP 7.4.0-7.4.3.107, 2023.Q3.1-2023.Q3.4, 7.4 GA-92, 7.3 GA-35 - CSRF via Headless API

CVE-2025-54969 MEDIUM

BAE SOCET GXP < 4.6.0.2 - Cross-Site Request Forgery in Job Status Service

CVE-2025-34133 HIGH

Wimi Teamwork < 7.38.17 - Cross-Site Request Forgery via Unvalidated CSRF Token Field

CVE-2025-11154 MEDIUM

IDonate < 2.1.13 - Unauthenticated Cross-Site Request Forgery via User Deletion Action

CVE-2025-58918 MEDIUM

Waituk Entrada < 5.7.7 - Cross-Site Request Forgery

CVE-2025-62986 HIGH

FanBridge signup <= 0.6 - Cross-Site Request Forgery

CVE-2025-62975 MEDIUM

Raychat <= 2.2.1 - Cross-Site Request Forgery

CVE-2025-62962 HIGH

Andrea Landonio CloudSearch <= 3.0.0 - XSS

CVE-2025-62958 MEDIUM

Clifton Griffin Simple Content Templates - CSRF

CVE-2025-62957 HIGH

NikanWP WooCommerce Reporting <1.0.0 - CSRF

CVE-2025-62956 HIGH

Reloadly <= 2.0.1 - Cross-Site Request Forgery

Previous Page 31 of 373 Next

Details

Vulnerabilities 9,321

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy