CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,328 vulnerabilities with CWE-352
CVE-2025-22637 MEDIUM
verkkovaraani Print PDF Generator & Publisher <1.2.0 - CSRF
CVSS 4.3
CVE-2025-22634 MEDIUM
Easy Booked - WordPress <2.4.5 - CSRF
CVSS 5.4
CVE-2025-22669 MEDIUM
Awesome Event Booking <2.7.5 - CSRF
CVSS 4.3
CVE-2025-22658 HIGH
Listings for Appfolio < 1.2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
CVSS 7.1
CVE-2025-25100 HIGH
Cazamba <= 1.2 - Cross-Site Request Forgery to Reflected Cross-Site Scripting
CVSS 7.1
CVE-2025-25086 HIGH
WPDeveloper Secret Meta <1.2.1 - CSRF
CVSS 7.1
CVE-2025-30923 MEDIUM
PowerfulWP Gift Message <1.7.8 - CSRF
CVSS 4.3
CVE-2025-30919 HIGH
Store Locator Widget <20200131 - CSRF
CVSS 7.1
CVE-2025-30912 MEDIUM
Wow-Company Float menu <= 6.1.2 - Cross-Site Request Forgery
CVSS 5.4
CVE-2025-30888 MEDIUM
silverplugins217 Custom Fields Account Registration For Woocommerce...
CVSS 4.3
CVE-2025-30872 MEDIUM
Nitin Prakash Product Author for WooCommerce <1.0.8 - CSRF
CVSS 4.3
CVE-2025-30865 MEDIUM
3DPrint Lite <= 2.1.3.5 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-30863 MEDIUM
Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.0.9 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-30862 MEDIUM
reCAPTCHA for all <= 2.22 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-30857 HIGH
Currency Switcher for WooCommerce <0.0.8 - CSRF
CVSS 7.1
CVE-2025-30856 MEDIUM
Custom Field For WP Job Manager <1.4 - CSRF
CVSS 4.3
CVE-2025-30854 MEDIUM
Saso Serial Codes Generator and Validator <2.7.7 - CSRF
CVSS 4.3
CVE-2025-30842 MEDIUM
Christmas Panda <= 1.0.4 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-30833 MEDIUM
Verge3D <= 4.8.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-30823 MEDIUM
Boone Gorges Anthologize <0.8.2 - CSRF
CVSS 4.3
CVE-2025-30822 MEDIUM
Hakik Zaman Custom Login Logo <1.1.7 - CSRF
CVSS 4.3
CVE-2025-30816 MEDIUM
Nks publish post email notification <1.0.2.3 - CSRF
CVSS 4.3
CVE-2025-30815 MEDIUM
Hesabfa Accounting <= 2.1.8 - Cross-Site Request Forgery
CVSS 4.3
CVE-2025-30811 MEDIUM
Javier Revilla ValidateCertify - CSRF
CVSS 4.3
CVE-2025-30805 MEDIUM
wpdesk Flexible Cookies <1.1.8 - CSRF
CVSS 4.3
Details
Vulnerabilities 9,328
Exploit Likelihood Medium
Links
MITRE CWE Entry Search this CWE With Exploits