Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,322 vulnerabilities with CWE-352

CVE-2025-49895 MEDIUM

ServerBuddy by PluginBuddy.com < 1.0.5 - Cross-Site Request Forgery to PHP Object Injection

CVE-2025-7688 MEDIUM

WordPress Add User Meta <1.0.1 - CSRF

CVE-2025-8992 MEDIUM

mtons mblog < 3.5.0 - Cross-Site Request Forgery

CVE-2025-54732 MEDIUM

WPDM - Premium Packages <= 6.0.2 - Cross-Site Request Forgery

CVE-2025-54728 MEDIUM

CM On Demand Search And Replace <1.5.2 - CSRF

CVE-2025-53587 HIGH

ApusTheme Findgo <= 1.3.57 - Cross-Site Request Forgery

CVE-2025-53347 MEDIUM

Laborator Kalium <= 3.18.3 - Cross-Site Request Forgery

CVE-2025-53249 MEDIUM

hakeemnala Build App Online <1.0.23 - CSRF

CVE-2025-53219 MEDIUM

pl4g4 WP-Database-Optimizer-Tools - CSRF

CVE-2025-52797 HIGH

josepsitjar StoryMap <= 2.1 - Cross-Site Request Forgery

CVE-2025-52769 MEDIUM

flexostudio flexo-social-gallery <1.0006 - CSRF

CVE-2025-52767 MEDIUM

NetInsight Analytics Implementation Plugin <1.0.4 - CSRF

CVE-2025-52765 HIGH

NetInsight Analytics Implementation Plugin <1.0.4 - CSRF/XSS

CVE-2025-54703 MEDIUM

Prince Integrate Google Drive <1.5.2 - CSRF

CVE-2025-54702 MEDIUM

motov.net Ebook Store <5.8013 - CSRF

CVE-2025-54694 MEDIUM

bPlugins Button Block <1.2.0 - CSRF

CVE-2025-54682 MEDIUM

Connector for Gravity Forms and Google Sheets <= 1.2.4 - Cross-Site Request Forgery

CVE-2025-54675 MEDIUM

YITHEMES YITH WooCommerce Popup <1.48.0 - CSRF

CVE-2025-54674 MEDIUM

mklacroix Product Configurator for WooCommerce <1.4.4 - CSRF

CVE-2025-54673 MEDIUM

Ays Pro Chartify < 3.5.3 - Cross-Site Request Forgery

CVE-2025-54672 MEDIUM

Jordy Meow Photo Engine <6.4.3 - CSRF

CVE-2025-54671 MEDIUM

bobbingwide oik <= 4.15.2 - Cross-Site Request Forgery

CVE-2025-49044 HIGH

Simple Poll <= 1.1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-8891 MEDIUM

OceanWP 4.0.9-4.1.1 - Cross-Site Request Forgery via oceanwp_notice_button_click()

CVE-2025-8491 MEDIUM

WordPress Easy restaurant menu manager <2.0.2 - CSRF

Previous Page 43 of 373 Next

Details

Vulnerabilities 9,322

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy