Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,336 vulnerabilities with CWE-352

CVE-2025-28941 MEDIUM

Spam Byebye <= 2.2.4 - Cross-Site Request Forgery

CVE-2025-28940 MEDIUM

arkapravamajumder Back To Top <2.0 - CSRF

CVE-2025-28933 HIGH

maxfoundry MaxA/B -n/a-2.2.2 - CSRF

CVE-2025-28932 HIGH

BCS Website Solutions Insert Code <2.4 - CSRF

CVE-2025-28931 HIGH

DevriX Hashtags <= 0.3.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-28927 MEDIUM

A. Chappard Display Template Name <1.7.1 - CSRF

CVE-2025-28925 HIGH

WATI Chat and Notification <= 1.1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-28923 HIGH

No Disposable Email <= 2.5.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-28922 HIGH

Go To Top <= 0.0.8 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-28913 MEDIUM

Aftab Ali Muni WP Add Active Class To Menu Item - CSRF

CVE-2025-28912 MEDIUM

Muntasir Rahman Custom Dashboard Page - CSRF

CVE-2025-28910 MEDIUM

WP Hide Admin Bar <= 2.0 - Cross-Site Request Forgery

CVE-2025-28909 MEDIUM

WP No-Bot Question <= 0.1.7 - Cross-Site Request Forgery

CVE-2025-28902 MEDIUM

Contact Form 7 Select Box Editor Button <0.6 - CSRF

CVE-2025-28901 HIGH

Members page only for logged in users <= 1.4.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-28900 HIGH

TabGarb Pro <= 2.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-28897 HIGH

Steveorevo Domain Theme <1.3 - CSRF

CVE-2025-28894 HIGH

WordPress List of Posts <2.0 - CSRF

CVE-2025-28892 HIGH

a2rocklobster FTP Sync <1.1.6 - CSRF/XSS

CVE-2025-28891 HIGH

jazzigor price-calc <= 0.6.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-28887 MEDIUM

Plugins Last Updated Column <= 0.1.3 - Cross-Site Request Forgery

CVE-2025-28886 MEDIUM

xjb REST API TO MiniProgram <4.7.1 - CSRF

CVE-2025-28884 MEDIUM

Rajesh Kumar WP Bulk Post Duplicator - CSRF

CVE-2025-28883 HIGH

Martin WP Compare Tables <1.0.6 - CSRF

CVE-2025-28881 MEDIUM

Mobile Themes <= 1.1.1 - Cross-Site Request Forgery

Previous Page 73 of 374 Next

Details

Vulnerabilities 9,336

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy