Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,321 vulnerabilities with CWE-352

CVE-2025-9895 MEDIUM

Notification Bar plugin <2.2 - CSRF

CVE-2025-9892 MEDIUM

WordPress Restrict User Registration <1.0.2 - CSRF

CVE-2025-9889 MEDIUM

ContentMX Content Publisher <1.0.6 - CSRF

CVE-2025-9885 MEDIUM

MPWizard - Create Mercado Pago Payment Links <1.2.1 - CSRF

CVE-2025-9884 MEDIUM

Mobile Site Redirect <= 1.2.1 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-9630 MEDIUM

WP SinoType <= 1.0 - Cross-Site Request Forgery via sinotype_config Function

CVE-2025-9213 HIGH

TextBuilder 1.0.0-1.1.1 - Cross-Site Request Forgery via Missing Nonce Validation in handleToken

CVE-2025-8669 MEDIUM

Customify < 0.4.11 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-10311 MEDIUM

WordPress Comment Info Detector <1.0.5 - CSRF

CVE-2025-10309 MEDIUM

PayPal Forms <= 1.0.3 - Cross-Site Request Forgery via Form Creation and Management

CVE-2025-10302 MEDIUM

WordPress Ultimate Viral Quiz <1.0 - CSRF

CVE-2025-61604 HIGH

WeGIA < 3.5.0 - Cross-Site Request Forgery via Almoxarifado Delete Operation

CVE-2025-54286 HIGH

Canonical LXD >=5.0 <5.0.5 - Cross-Site Request Forgery via Client Certificate Authentication

CVE-2025-9948 MEDIUM

Chat by Chatwee <= 2.1.3 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-9946 MEDIUM

LockerPress - WordPress Security Plugin <1.0 - CSRF

CVE-2025-8119 MEDIUM

widzialni pad_cms < 1.2.1 - Cross-Site Request Forgery in Password Reset

CVE-2025-7052 HIGH

LatePoint - Calendar Booking Plugin <= 5.1.94 - Cross-Site Request Forgery

CVE-2025-35030 HIGH

Medical Informatics Engineering Enterprise Health - Unauthenticated Cross-Site Request Forgery

CVE-2025-9944 MEDIUM

Professional Contact Form <1.0.0 - CSRF

CVE-2025-9899 MEDIUM

Trust Reviews plugin <= 1.0 - Cross-Site Request Forgery via feed_save

CVE-2025-9898 MEDIUM

cForms - Light speed fast Form Builder <3.0.0 - CSRF

CVE-2025-9896 MEDIUM

HidePost <= 2.3.8 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-9894 MEDIUM

Sync Feedly <= 1.0.1 - Cross-Site Request Forgery via crsf_cron_job_func

CVE-2025-9893 MEDIUM

VM Menu Reorder plugin <1.0.0 - CSRF

CVE-2025-11051 MEDIUM

SourceCodester Pet Grooming Mgmt <1.0 - CSRF

Previous Page 34 of 373 Next

Details

Vulnerabilities 9,321

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy