Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,321 vulnerabilities with CWE-352

CVE-2025-62945 HIGH

Did Prestashop Display <1.0.31 - CSRF

CVE-2025-62934 HIGH

Mejar WP Business Hours <2.5 - CSRF

CVE-2025-62933 HIGH

Prakash Awesome Testimonials <= 2.2.1 - XSS

CVE-2025-62896 HIGH

digitaldonkey Multilang Contact Form <=1.5 - XSS

CVE-2025-62891 MEDIUM

Off-Canvas Sidebars & Menus (Slidebars) <= 0.5.8.5 - Cross-Site Request Forgery

CVE-2025-62890 MEDIUM

Premmerce Premmerce Brands for WooCommerce - CSRF

CVE-2025-62886 HIGH

wpdevart Pricing Table builder <2 - CSRF

CVE-2025-12202 MEDIUM

ajayrandhawa/user-management-php-mysql < 2023-03-16 - Cross-Site Request Forgery

CVE-2025-12221 HIGH

BLU-IC2 and BLU-IC4 Firmware < 1.20 - Multiple Busybox 1.31.1 Vulnerabilities

CVE-2025-11976 MEDIUM

FuseWP < 1.1.23.0 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-12095 HIGH

Simple Registration for WooCommerce <1.5.8 - CSRF

CVE-2025-12072 MEDIUM

Disable Content Editor For Specific Template <= 2.0 - Cross-Site Request Forgery via Template Configuration Update

CVE-2025-12028 HIGH

IndieAuth plugin for WordPress <4.5.4 - CSRF

CVE-2025-56009 MEDIUM

KeeneticOS < 4.3 - Cross-Site Request Forgery via RCI API Endpoint

CVE-2025-62061 MEDIUM

impleCode Product Catalog <=1.8.4 - CSRF

CVE-2025-62009 MEDIUM

UPC/EAN/GTIN Code Generator <= 2.0.2 - Cross-Site Request Forgery

CVE-2025-62005 HIGH

SUMO Memberships for WooCommerce < 7.8.0 - CSRF

CVE-2025-60208 HIGH

Tusko Trush Advanced Custom Fields - CSRF

CVE-2025-60168 HIGH

HotelRunner Booking Widget <2 - CSRF

CVE-2025-60134 MEDIUM

John James Jacoby WP Media Categories <= 2.1.0 - CSRF

CVE-2025-60132 HIGH

Video Blogster Lite <= 1.2 - Cross-Site Request Forgery

CVE-2025-49373 MEDIUM

Evergreen Content Poster <=1.4.5 - CSRF

CVE-2025-48099 MEDIUM

Code Amp Search & Filter <= 1.2.17 - CSRF

CVE-2025-10588 MEDIUM

PixelYourSite < 11.1.2 - Cross-Site Request Forgery via adminEnableGdprAjax Function

CVE-2025-62771 HIGH

Mercku M6a <= 2.1.0 - Cross-Site Request Forgery via Password Change

Previous Page 32 of 373 Next

Details

Vulnerabilities 9,321

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy