Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,322 vulnerabilities with CWE-352

CVE-2025-53261 MEDIUM

macbookandrew WP YouTube Live - CSRF

CVE-2025-53254 MEDIUM

Cyrlitera <= 1.3.0 - Cross-Site Request Forgery

CVE-2025-53203 MEDIUM

WooCommerce PDF Invoice Builder <1.2.148 - CSRF

CVE-2025-53197 MEDIUM

Cookiebot <= 4.5.8 - Cross-Site Request Forgery

CVE-2025-53193 MEDIUM

Burst Statistics <= 2.0.6 - Cross-Site Request Forgery

CVE-2025-32281 MEDIUM

FocuxTheme WPKit For Elementor <1.1.0 - Privilege Escalation

CVE-2025-5936 MEDIUM

VR Calendar < 2.4.7 - Cross-Site Request Forgery via syncCalendar() Function

CVE-2025-48921 HIGH

Drupal Open Social <12.3.14-12.4.13 - CSRF

CVE-2025-48497 MEDIUM

iroha_board < 0.10.13 - Cross-Site Request Forgery

CVE-2025-5932 MEDIUM

Homerunner < 1.0.30 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-6664 MEDIUM

CodeAstro Patient Record Management System 1.0 - Cross-Site Request Forgery

CVE-2025-50179 MEDIUM

Tuleap <16.8.99.1749830289, <16.9-1 - CSRF

CVE-2025-48991 MEDIUM

Tuleap < 16.7-5 and < 16.8.99.1748845907 - Cross-Site Request Forgery

CVE-2025-6478 MEDIUM

CodeAstro Expense Management System 1.0 - Cross-Site Request Forgery

CVE-2025-6476 MEDIUM

Gym Management System 1.0 - Cross-Site Request Forgery

CVE-2025-52825 HIGH

Rameez Iqbal Real Estate Manager - CSRF/Privilege Escalation

CVE-2025-52795 HIGH

WP Front User Submit/Front Editor <4.9.4 - CSRF

CVE-2025-52794 HIGH

Creative Contact Form <1.0.0 - CSRF

CVE-2025-52793 HIGH

Esselink.nu Settings <= 4.5 - Cross-Site Request Forgery

CVE-2025-52792 HIGH

vgstef WP User Stylesheet Switcher <v2.2.0 - CSRF

CVE-2025-52791 HIGH

devfelixmoira Knowledge Base <1.1.8 - CSRF

CVE-2025-52790 HIGH

WP-DownloadCounter <= 1.01 - Cross-Site Request Forgery leading to Stored Cross-Site Scripting

CVE-2025-52789 HIGH

Lewe ChordPress <= 4.0.1 - Cross-Site Request Forgery

CVE-2025-52784 HIGH

Bluff Post <= 1.1.1 - Cross-Site Request Forgery

CVE-2025-52783 HIGH

Change Cart button Colors WooCommerce <= 1.0 - Cross-Site Request Forgery

Previous Page 48 of 373 Next

Details

Vulnerabilities 9,322

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy