Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,322 vulnerabilities with CWE-352

CVE-2025-4592 MEDIUM

AI Image Lab Free AI Image Generator <1.0.6 - CSRF

CVE-2025-6059 MEDIUM

Seraphinite Accelerator <2.27.21 - CSRF

CVE-2025-5938 MEDIUM

Elementor Addons <= 1.1.1 - Cross-Site Request Forgery via import_templates()

CVE-2025-5930 MEDIUM

WP2HTML <= 1.0.2 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-5928 MEDIUM

WP Sliding Login/Dashboard Panel <2.1.1 - CSRF

CVE-2025-5926 MEDIUM

Link Shield <= 0.5.4 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-6001 HIGH

VirtueMart - Cross-Site Request Forgery

CVE-2025-41661 HIGH

Weidmueller IE-SR-2TX-WL < V1.49 and IE-SR-2TX-WL-4G < V1.62 - Unauthenticated Remote Code Execution via CSRF

CVE-2025-36576 LOW

Dell Wyse Management Suite < 5.2 - Cross-Site Request Forgery

CVE-2025-49511 HIGH

Civi Framework <= 2.1.6 - Cross-Site Request Forgery to User Deactivation

CVE-2025-49510 MEDIUM

WPFactory Min Max Step Quantity Limits Manager for WooCommerce - CSRF

CVE-2025-5925 MEDIUM

Bunny's Print CSS <= 0.95 - Cross-Site Request Forgery via pcss_options_subpanel()

CVE-2025-5900 MEDIUM

Tenda AC9 15.03.02.13 - Cross-Site Request Forgery

CVE-2025-5888 MEDIUM

jsnjfz WebStack-Guns 1.0 - Cross-Site Request Forgery

CVE-2025-5885 MEDIUM

Konica Minolta bizhub <= 20250202 - Cross-Site Request Forgery

CVE-2025-5766 MEDIUM

code-projects simple_laundry_system 1.0 - Cross-Site Request Forgery

CVE-2025-49453 HIGH

Jatinder Pal Singh BP Profile <1.1 - CSRF

CVE-2025-49449 MEDIUM

WP Map Plugins Interactive Regional Map of Africa - CSRF

CVE-2025-49446 MEDIUM

Admin Notes <= 1.1 - Cross-Site Request Forgery

CVE-2025-49445 MEDIUM

WP Map Plugins Interactive UK Regional Map - CSRF

CVE-2025-49440 MEDIUM

WP Security Master <= 1.0.2 - Cross-Site Request Forgery

CVE-2025-49439 MEDIUM

mariusz88atelierweb Atelier Create CV <1.1.2 - CSRF

CVE-2025-49435 MEDIUM

Wp Easy Allopass <= 4.1.1 - Cross-Site Request Forgery

CVE-2025-49425 HIGH

Konami Easter Egg <= v0.4 - Cross-Site Request Forgery

CVE-2025-49332 MEDIUM

WP Time Slots Booking Form <1.2.30 - CSRF

Previous Page 50 of 373 Next

Details

Vulnerabilities 9,322

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy