CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,328 vulnerabilities with CWE-352
CVE-2025-32280 MEDIUM
WP Project Manager < 2.6.25 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-32278 MEDIUM
Table Block by RioVizual <= 2.3.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-32276 MEDIUM
Administrator Z <=2025.03.04 - CSRF
CVSS 4.3
CVE-2025-32274 MEDIUM
WP w3all phpBB <= 2.9.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-32273 MEDIUM
Freetobook Responsive Widget - CSRF
CVSS 4.3
CVE-2025-32272 MEDIUM
PickPlugins Wishlist <1.0.44 - CSRF
CVSS 4.3
CVE-2025-32271 MEDIUM
Woocommerce Role Pricing <3.5.5 - CSRF
CVSS 4.3
CVE-2025-32270 MEDIUM
Broadstreet Ads <= 1.52.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-32269 MEDIUM
WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms <= 1.1.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-32268 MEDIUM
www.15.to QR Code Tag for WC <1.9.36 - CSRF
CVSS 4.3
CVE-2025-32267 MEDIUM
WordPress to Hootsuite <1.5.8 - CSRF
CVSS 4.3
CVE-2025-32266 MEDIUM
404 Image Redirection (Replace Broken Images) <= 1.4 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-32265 MEDIUM
JobWP <= 2.3.9 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-32264 MEDIUM
UltraAddons Elementor Lite <= 2.0.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-32263 MEDIUM
BeRocket Sequential Order Numbers <3.6.2 - CSRF
CVSS 4.3
CVE-2025-32262 MEDIUM
RDP Wiki Embed <= 1.2.20 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-32261 MEDIUM
Kuppuraj Advanced All in One Admin Search <1.1.1 - CSRF
CVSS 4.3
CVE-2025-32250 MEDIUM
Rollbar <= 2.7.1 - Cross-Site Request Forgery
CVSS 5.4
CVE-2025-32249 MEDIUM
DirectoryPress <= 3.6.22 - Cross-Site Request Forgery
CVSS 5.4
CVE-2025-32248 MEDIUM
SwiftXR (3D/AR/VR) Viewer <= 1.0.7 - Cross-Site Request Forgery
CVSS 5.4
CVE-2025-32247 MEDIUM
ABCdatos AI Content Creator <1.2.6 - CSRF
CVSS 5.4
CVE-2025-32241 MEDIUM
CleverReach Official CleverReach Plugin for WooCommerce <3.4.3 - CSRF
CVSS 6.5
CVE-2025-32113 HIGH
Renzo Tejada Libro de Reclamaciones y Quejas - CSRF
CVSS 7.1
CVE-2025-32112 HIGH
OTWthemes Sidebar Manager Light <1.1.8 - CSRF
CVSS 7.1
CVE-2025-2797 MEDIUM
Woffice Core <= 5.4.21 - Cross-Site Request Forgery via User Approval Action
CVSS 5.4
Details
Vulnerabilities 9,328
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits