Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,322 vulnerabilities with CWE-352

CVE-2025-52781 HIGH

Beee TinyNav <= 1.4 - Cross-Site Request Forgery

CVE-2025-52780 HIGH

Logo Manager For Samandehi <= 0.5 - Cross-Site Request Forgery

CVE-2025-52772 HIGH

Adnan Haque (a11n) Virtual Moderator - XSS

CVE-2025-52711 MEDIUM

BoldGrid Post and Page Builder <1.27.8 - CSRF

CVE-2025-50044 MEDIUM

Rameez Iqbal Real Estate Manager <7.3 - CSRF

CVE-2025-50036 MEDIUM

Yamna Khawaja Mailing Group Listserv <3.0.5 - CSRF

CVE-2025-49977 MEDIUM

WP Inventory Manager <= 2.3.4 - Cross-Site Request Forgery

CVE-2025-49975 MEDIUM

JobWP <= 2.4.0 - Cross-Site Request Forgery

CVE-2025-49972 MEDIUM

TM Replace Howdy <= 1.4.2 - Cross-Site Request Forgery

CVE-2025-49968 MEDIUM

Oganro XML Travel Portal Widget - CSRF

CVE-2025-49967 MEDIUM

Live Sports Streamthunder <2.1 - CSRF

CVE-2025-49966 MEDIUM

Oganro Travel Portal Search Widget - CSRF

CVE-2025-49965 MEDIUM

Oganro PixelBeds Channel Manager and Hotel Booking Engine <= 1.0 - Cross-Site Request Forgery

CVE-2025-49964 MEDIUM

indgeek ClipLink <= 1.1 - Cross-Site Request Forgery

CVE-2025-6341 MEDIUM

School Fees Payment System 1.0 - CSRF

CVE-2025-6284 MEDIUM

PHPGurukul Car Rental Portal 3.0 - CSRF

CVE-2025-49865 MEDIUM

Helmut Wandl Advanced Settings <3.0.1 - CSRF

CVE-2025-49856 MEDIUM

CyberChimps Responsive Plus <= 3.2.2 - Cross-Site Request Forgery

CVE-2025-48111 MEDIUM

YITH PayPal Express Checkout <1.49.0 - CSRF

CVE-2025-6106 MEDIUM

WukongCRM 9.0 - Cross-Site Request Forgery in AdminRoleController.java

CVE-2025-6105 MEDIUM

jflyfox jfinal_cms 5.0.1 - Cross-Site Request Forgery via Logout Argument

CVE-2025-6064 MEDIUM

WP URL Shortener <= 1.2 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-6063 MEDIUM

XiSearch bar <= 2.6 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-6062 MEDIUM

Yougler Blogger Profile Page <1.01 - CSRF

CVE-2025-6055 MEDIUM

Zen Sticky Social <= 0.3 - Cross-Site Request Forgery via Missing Nonce Validation

Previous Page 49 of 373 Next

Details

Vulnerabilities 9,322

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy