Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,322 vulnerabilities with CWE-352

CVE-2025-5410 MEDIUM

Mist Community Edition < 4.7.2 - Cross-Site Request Forgery in session_start_response

CVE-2025-48885 MEDIUM

application-urlshortener < 1.2.4 - Unauthenticated Arbitrary Page Creation

CVE-2025-5142 MEDIUM

Simple Page Access Restriction <= 1.0.31 - Cross-Site Request Forgery via Settings Save Handler

CVE-2025-48483 MEDIUM

FreeScout < 1.8.180 - Stored Cross-Site Scripting and Cross-Site Request Forgery via Mail Signature

CVE-2025-26211 LOW

Gibbon < 29.0.00 - Cross-Site Request Forgery

CVE-2025-5185 MEDIUM

Summer Pearl Group Vacation Rental Management Platform <1.0.1 - CSRF

CVE-2025-5132 MEDIUM

Tmall Demo < 2025-05-05 - Cross-Site Request Forgery in Admin Account Logout

CVE-2025-48740 MEDIUM

StrangeBee TheHive <5.2.16-5.4.10-5.5.1 - CSRF

CVE-2025-46458 HIGH

x000x occupancyplan <1.0.3.0 - CSRF

CVE-2025-5033 MEDIUM

TeaCMS 2.0.2 - Cross-Site Request Forgery in User Management

CVE-2025-48340 CRITICAL

User Profile Meta Manager <1.02 - CSRF/Privilege Escalation

CVE-2025-43840 HIGH

CheckBot <= 1.05 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-43835 MEDIUM

wp-cyr-cho <= 0.1 - Cross-Site Request Forgery

CVE-2025-47583 MEDIUM

Salon booking system <= 10.16 - CSRF

CVE-2025-39375 MEDIUM

Ashok G Easy Child Theme Creator - CSRF

CVE-2025-39374 HIGH

aseem1234 Best Posts Summary <1.0 - CSRF

CVE-2025-39371 MEDIUM

Sanjeev Mohindra Author Box Plugin <1.3.5 - CSRF

CVE-2025-39351 MEDIUM

ThemeGoods Grand Restaurant <= 7.0 - Cross-Site Request Forgery

CVE-2025-48344 MEDIUM

Rootspersona <= 3.7.5 - Cross-Site Request Forgery

CVE-2025-48342 MEDIUM

RedefiningTheWeb Dynamic Pricing & Discounts Lite - CSRF

CVE-2025-48285 MEDIUM

sbouey Falang multilanguage <1.3.61 - CSRF

CVE-2025-48284 MEDIUM

Japanized For WooCommerce <2.6.40 - CSRF

CVE-2025-48265 MEDIUM

Pektsekye Year Make Model Search for WooCommerce <1.0.11 - CSRF

CVE-2025-48264 MEDIUM

Product Code for WooCommerce <1.5.0 - CSRF

CVE-2025-48259 MEDIUM

WP Mapa Politico España <3.8.0 - CSRF

Previous Page 53 of 373 Next

Details

Vulnerabilities 9,322

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy