Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,322 vulnerabilities with CWE-352

CVE-2025-39430 HIGH

Alexander Rauscha mLanguage <= 1.6.1 - Cross-Site Request Forgery

CVE-2025-39426 MEDIUM

illow - Cookies Consent <0.2.0 - CSRF

CVE-2025-39425 MEDIUM

Pixelgrade Style Manager <2.2.7 - CSRF

CVE-2025-39424 HIGH

Simple Maps <= 0.98 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-39423 HIGH

Jenst Add to Header <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-39422 HIGH

PResponsive WP Social Bookmarking <3.6 - CSRF

CVE-2025-39421 HIGH

Mustafa KUCUK WP Sticky Side Buttons - Stored XSS

CVE-2025-39419 HIGH

Revision Diet <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-39418 HIGH

RSS Manager <= 0.06 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-39417 HIGH

Redirect wordpress to welcome or landing page <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-39416 HIGH

Ichi translit it! <= 1.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-39415 HIGH

Jayesh Parejiya Social Media Links <1.0.4 - CSRF

CVE-2025-39414 HIGH

spam-stopper <= 3.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-32655 HIGH

DevriX Restrict User Registration <1.0.1 - CSRF

CVE-2025-32606 HIGH

Listings for Buildium <= 0.1.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-32546 HIGH

gtlwpdev All push notification for WP <1.5.3 - CSRF

CVE-2025-32545 HIGH

SOFTAGON WooCommerce <0.1 - CSRF/XSS

CVE-2025-39472 MEDIUM

WooCommerce Social Login < 2.8.3 - Cross-Site Request Forgery

CVE-2025-39601 CRITICAL

WPFactory Custom CSS, JS & PHP <2.4.1 - CSRF

CVE-2025-39600 MEDIUM

Integration for WooCommerce and QuickBooks < 1.3.1 - Cross-Site Request Forgery

CVE-2025-39593 MEDIUM

Ever Accounting <= 2.1.5 - Cross-Site Request Forgery

CVE-2025-39564 MEDIUM

WP Trio Conditional Shipping <3.4.0 - CSRF

CVE-2025-39563 MEDIUM

WP Trio Conditional Payments <3.3.0 - CSRF

CVE-2025-39548 HIGH

A WP Life Right Click Disable OR Ban <1.1.17 - CSRF

CVE-2025-39547 HIGH

Toast Plugins Internal Link Optimiser <5.1.3 - XSS

Previous Page 60 of 373 Next

Details

Vulnerabilities 9,322

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy