Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,322 vulnerabilities with CWE-352

CVE-2025-46251 HIGH

VikRestaurants Table Reservations & Take-Away <1.3.3 - CSRF

CVE-2025-46249 MEDIUM

Michael Simple calendar for Elementor <1.6.4 - CSRF

CVE-2025-46246 MEDIUM

CM Answers <= 3.3.3 - Cross-Site Request Forgery

CVE-2025-46245 MEDIUM

CM Ad Changer <= 2.0.5 - Cross-Site Request Forgery

CVE-2025-46243 MEDIUM

sonalsinha21 Recover abandoned cart for WooCommerce - CSRF

CVE-2025-46241 HIGH

Appointment Booking Calendar <1.3.92 - CSRF

CVE-2025-46231 MEDIUM

SERVIT Software Solutions affiliate-toolkit <3.7.3 - CSRF

CVE-2025-3843 MEDIUM

panhainan DS-Java 1.0 - Cross-Site Request Forgery

CVE-2025-3808 MEDIUM

zhenfeng13 My-BBS 1.0 - Cross-Site Request Forgery

CVE-2025-2111 HIGH

Insert Headers And Footers <= 3.1.1 - Cross-Site Request Forgery via custom_plugin_set_option

CVE-2025-3284 MEDIUM

User Registration PRO WordPress Plugin <= 5.1.3 - Cross-Site Request Forgery

CVE-2025-28355 MEDIUM

Volmarg Personal Management System 1.4.65 - Cross-Site Request Forgery via SameSite Cookie Attribute

CVE-2025-29722 MEDIUM

Commercify v1.0 - Cross-Site Request Forgery

CVE-2025-28101 MEDIUM

flaskBlog 2.6.1 - Arbitrary File Deletion via Post Title Parameter

CVE-2025-39455 HIGH

IP2Location Variables <2.9.5 - CSRF/XSS

CVE-2025-39453 MEDIUM

algol.plus Advanced Dynamic Pricing for WooCommerce <4.9.3 - CSRF

CVE-2025-39443 MEDIUM

Verge3D <= 4.9.0 - Cross-Site Request Forgery

CVE-2025-39442 HIGH

MessageMetric Review Wave - Google Places Reviews <1.4.7 - XSS

CVE-2025-39441 HIGH

Dashboard Notepads <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-39440 HIGH

Rajesh Broken Links Remover <1.2.2 - CSRF

CVE-2025-39438 MEDIUM

Theme Changer <= 1.4 - Cross-Site Request Forgery

CVE-2025-39437 MEDIUM

Boone Gorges Anthologize <0.8.3 - CSRF

CVE-2025-39435 HIGH

davidfcarr My Marginalia <1.0.7 - CSRF

CVE-2025-39433 HIGH

Bknewsticker <= 1.0.5 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2025-39431 HIGH

Amazon Showcase WordPress Plugin <= 2.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Previous Page 59 of 373 Next

Details

Vulnerabilities 9,322

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy