Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,322 vulnerabilities with CWE-352

CVE-2025-49317 MEDIUM

WP Page Loading <= 1.0.6 - Cross-Site Request Forgery

CVE-2025-49291 MEDIUM

Calculated Fields Form <= 5.3.58 - Cross-Site Request Forgery

CVE-2025-49286 MEDIUM

WP Table Builder <= 2.0.6 - Cross-Site Request Forgery

CVE-2025-49285 MEDIUM

WP Cookie Notice for GDPR, CCPA & ePrivacy Consent <= 3.8.0 - Cross-Site Request Forgery

CVE-2025-49284 MEDIUM

WP Maintenance Mode & Site Under Construction <4.3 - CSRF

CVE-2025-49283 MEDIUM

Anti-spam, Spam protection, ReCaptcha for all forms and GDPR-compliant <= 4.1.1 - Cross-Site Request Forgery

CVE-2025-49273 MEDIUM

WP Tools <= 5.24 - Cross-Site Request Forgery

CVE-2025-49269 MEDIUM

Anton Vanyukov Market Exporter <2.0.22 - CSRF

CVE-2025-49239 MEDIUM

Print Invoice & Delivery Notes for WooCommerce <5.5.0 - CSRF

CVE-2025-49238 MEDIUM

Everest Backup <= 2.3.3 - Cross-Site Request Forgery

CVE-2025-49237 HIGH

POEditor <= 0.9.10 - Cross-Site Request Forgery to Arbitrary File Deletion

CVE-2025-30995 HIGH

OTWthemes Widgetize Pages Light -<3.0 - XSS

CVE-2025-30994 MEDIUM

CubeWP < 1.1.29 - Cross-Site Request Forgery

CVE-2025-30986 MEDIUM

Elite Video Player <= 10.0.5 - Cross-Site Request Forgery

CVE-2025-30981 MEDIUM

WP-Recall <16.26.14 - CSRF/Privilege Escalation

CVE-2025-30980 MEDIUM

Alessandro Piconi Simple Keyword to Link - CSRF

CVE-2025-30968 MEDIUM

jokerbr313 Advanced Post List <0.5.6.2 - CSRF

CVE-2025-30956 MEDIUM

Booqable Rental < 2.4.25 - Cross-Site Request Forgery

CVE-2025-30948 MEDIUM

Giraphix Creative Layouts for Elementor - CSRF

CVE-2025-30946 MEDIUM

Michael Cannon Custom Bulk/Quick Edit <1.6.10 - CSRF

CVE-2025-30632 MEDIUM

Pozzad Global Translator <2.0.2 - CSRF

CVE-2025-30629 MEDIUM

Codehaveli Bitly URL Shortener <= 1.4.1 - Cross-Site Request Forgery

CVE-2025-29005 MEDIUM

weblizar HR Management Lite <3.3 - CSRF

CVE-2025-28986 HIGH

Epicwin Plugin <1.5 - CSRF/SQL Injection

CVE-2025-28984 MEDIUM

WooCommerce Subscription Renewal Reminders <1.3.7 - CSRF

Previous Page 51 of 373 Next

Details

Vulnerabilities 9,322

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy