Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,336 vulnerabilities with CWE-352

CVE-2025-30550 HIGH

WPShop.ru CallPhone'r <= 1.1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-30549 MEDIUM

Yummly Rich Recipes <= 4.2 - Cross-Site Request Forgery

CVE-2025-30546 MEDIUM

boroV Cackle <= 4.33 - Cross-Site Request Forgery

CVE-2025-30542 MEDIUM

wpsolutions SoundCloud Ultimate - CSRF

CVE-2025-30541 MEDIUM

OTWthemes Info Boxes Shortcode & Widget <1.15 - CSRF

CVE-2025-30538 MEDIUM

ChrisHurst Simple Optimizer <1.2.8 - CSRF

CVE-2025-30535 MEDIUM

muro External image replace <= 1.0.8 - Cross-Site Request Forgery

CVE-2025-30534 MEDIUM

captcha.soft Image Captcha <1.3 - CSRF

CVE-2025-30531 MEDIUM

GBS Developer WP Ride Booking <2.4 - CSRF

CVE-2025-30529 MEDIUM

Auto Load Next Post <= 1.5.14 - Cross-Site Request Forgery

CVE-2025-30528 CRITICAL

wpshopee Awesome Logos <1.2 - CSRF, SQL Injection

CVE-2025-30526 MEDIUM

Typekit plugin for WordPress <= 1.2.3 - Cross-Site Request Forgery

CVE-2025-30522 HIGH

Contact Form 7 Material Design - Stored XSS

CVE-2025-30521 MEDIUM

Giangmd93 GP Back To Top <3.0 - CSRF

CVE-2025-0807 MEDIUM

WordPress Use Custom Fonts <4.2 - CSRF

CVE-2025-1473 HIGH

MLflow 2.17.0-2.20.1 - Cross-Site Request Forgery in Signup Feature

CVE-2025-1314 MEDIUM

Custom Twitter Feeds - WordPress <2.2.5 - CSRF

CVE-2025-2420 MEDIUM

i Morning < bc782730c74ff080494f145cc363a0b4f43f7d3e - Cross-Site Request Forgery

CVE-2025-26899 MEDIUM

Recapture Cart Recovery & Email Marketing Recapture for WooCommerce...

CVE-2025-1530 MEDIUM

Tripetto WordPress Plugin <= 8.0.9 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-2163 MEDIUM

Zoorum Comments < 0.9 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2025-25873 MEDIUM

OpenPanel OpenAdmin 0.3.4 - Cross-Site Request Forgery via Change Root Password Function

CVE-2025-1764 HIGH

LoginPress | wp-login Custom Login Page Customizer <3.3.1 - CSRF

CVE-2025-1436 HIGH

Limit Bio WordPress Plugin <= 1.0 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2025-27792 HIGH

Opal < 5.1.1 - Cross-Site Request Forgery via Referrer Header Bypass

Previous Page 72 of 374 Next

Details

Vulnerabilities 9,336

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy