Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,322 vulnerabilities with CWE-352

CVE-2025-28981 HIGH

Soli WP Mail Options <= 0.2.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-28974 HIGH

mail250 Free WP Mail SMTP <1.0 - CSRF

CVE-2025-28966 HIGH

dilemma123 Recent Posts Slider Responsive <1.0.1 - CSRF/XSS

CVE-2025-28964 HIGH

Personal Favicon <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-28958 HIGH

Bg Orthodox Calendar <0.13.10 - CSRF

CVE-2025-28954 HIGH

wphobby Backwp <2.0.2 - CSRF/Path Traversal

CVE-2025-28952 MEDIUM

Jonathan Lau CubePoints <3.2.1 - CSRF

CVE-2025-28950 HIGH

David Shabtai Post Author <= 1.1.1 - Cross-Site Request Forgery

CVE-2025-28948 HIGH

Codedraft Mediabay - WordPress Media Library Folders <1.4 - CSRF

CVE-2025-27360 MEDIUM

WP Corner Quick Event Calendar <1.4.9 - CSRF

CVE-2025-27359 MEDIUM

Seerox WP Media File Type Manager <2.3.0 - CSRF

CVE-2025-26593 MEDIUM

FastBook <= 1.1 - Cross-Site Request Forgery

CVE-2025-24772 MEDIUM

Pay with Contact Form 7 <1.0.4 - CSRF

CVE-2025-49077 MEDIUM

ThemeHigh Dynamic Pricing <2.2.9 - CSRF

CVE-2025-48328 MEDIUM

Daman Jeet Real Time Validation for Gravity Forms <1.7.0 - CSRF

CVE-2025-5732 MEDIUM

Traffic Offense Reporting System 1.0 - Cross-Site Request Forgery

CVE-2025-5019 MEDIUM

Hive Support | AI-Powered Help Desk, Live Chat & AI Chat Bot Plugin...

CVE-2025-4966 MEDIUM

WP Online Users Stats < 1.0.0 - Cross-Site Request Forgery via hk_dataset_results() Function

CVE-2025-2935 MEDIUM

Anti-Spam: Spam Protection | Block Spam Users, Comments, Forms - XSS

CVE-2025-36513 MEDIUM

i-PRO Surveillance Cameras - Cross-Site Request Forgery

CVE-2025-46257 MEDIUM

BdThemes Element Pack Pro <8.0.0 - CSRF

CVE-2025-31482 MEDIUM

FreshRSS < 1.26.2 - Denial of Service via Malicious Feed Entry

CVE-2025-4580 MEDIUM

File Provider WordPress Plugin < 1.2.3 - Cross-Site Request Forgery in Settings Update

CVE-2025-5521 MEDIUM

WuKongOpenSource WukongCRM 9.0 - CSRF

CVE-2025-49069 MEDIUM

Cimatti Consulting Contact Forms <2.0 - CSRF

Previous Page 52 of 373 Next

Details

Vulnerabilities 9,322

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy