Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,322 vulnerabilities with CWE-352

CVE-2025-48255 MEDIUM

videowhisper Broadcast Live Video < 6.2.4 - Cross-Site Request Forgery

CVE-2025-48243 MEDIUM

reCAPTCHA for all <= 2.26 - Cross-Site Request Forgery

CVE-2025-48238 HIGH

AWcode Toolkit <= 1.0.18 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-48233 HIGH

Affiliates Manager Google reCAPTCHA Integration <1.0.6 - XSS

CVE-2025-4887 MEDIUM

Online Student Clearance System 1.0 - Cross-Site Request Forgery

CVE-2025-4194 MEDIUM

WordPress AlT Monitoring <1.0.3 - CSRF

CVE-2025-4189 MEDIUM

Audio Comments Plugin <1.0.4 - CSRF

CVE-2025-48146 HIGH

SEO Flow by LupsOnline <= 2.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-48144 HIGH

Import Export For WooCommerce <= 1.6.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-48115 MEDIUM

Javier Revilla ValidateCertify <1.6.2 - CSRF

CVE-2025-48114 HIGH

ShayanWeb Admin FontChanger -n/a-1.9.1 - XSS

CVE-2025-32310 HIGH

ThemeMove QuickCal <1.0.13 - CSRF/Privilege Escalation

CVE-2025-32245 MEDIUM

LambertGroup Apollo <3.6.3 - SQL Injection

CVE-2025-31922 HIGH

QuanticaLabs CSS3 Accordions <3.0 - XSS

CVE-2025-31921 MEDIUM

loopus WP Ultimate Tours Builder - CSRF

CVE-2025-31915 MEDIUM

Pixel WordPress Form BuilderPlugin & Autoresponder <1.0.3 - CSRF

CVE-2025-31639 MEDIUM

Spare < 1.7 - Cross-Site Request Forgery

CVE-2025-31068 MEDIUM

Seven Stars < 1.4.4 - Cross-Site Request Forgery

CVE-2025-2247 MEDIUM

WP-PManager < 1.2 - Cross-Site Request Forgery in Settings Update

CVE-2025-1288 MEDIUM

WOOEXIM <5.0.0 - CSRF leading to XSS

CVE-2025-32922 HIGH

Tobias WP2LEADS <= 3.5.0 - Cross-Site Request Forgery

CVE-2025-44185 MEDIUM

Best Employee Management System V1.0 - Cross-Site Request Forgery via Password Change

CVE-2025-47886 MEDIUM

Jenkins Cadence vManager < 4.0.1-286.v9e25a_740b_a_48 - Cross-Site Request Forgery

CVE-2025-47708 HIGH

miniorange_2fa 5.0.0-5.1.9 - Cross-Site Request Forgery

CVE-2025-47701 HIGH

Restrict route by IP < 1.3.0 - Cross-Site Request Forgery

Previous Page 54 of 373 Next

Details

Vulnerabilities 9,322

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy