Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,337 vulnerabilities with CWE-352

CVE-2025-27012 HIGH

A1POST.BG Shipping for Woo <1.5.1 - CSRF/Privilege Escalation

CVE-2025-1557 MEDIUM

OFCMS 1.1.3 - Cross-Site Request Forgery

CVE-2025-25772 MEDIUM

jspxcms 9.0.0-9.5.0 - Cross-Site Request Forgery in UserController

CVE-2025-25770 MEDIUM

wangmarket 4.10-5.0 - Cross-Site Request Forgery via AgencyUserController

CVE-2025-25769 HIGH

wangmarket 4.10-5.0 - Cross-Site Request Forgery via UserController

CVE-2025-0865 MEDIUM

WP Media Category Management 2.0-2.3.3 - Cross-Site Request Forgery via wp_mcm_handle_action_settings()

CVE-2025-1441 MEDIUM

Royal Elementor Addons and Templates < 1.7.1007 - Cross-Site Request Forgery via wpr_filter_woo_products Function

CVE-2025-0796 MEDIUM

Mortgage Lead Capture System <8.2.10 - CSRF

CVE-2025-26768 HIGH

what3words Address Field <= 4.0.15 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-26759 HIGH

alexvtn Content Snippet Manager <1.1.5 - CSRF/XSS

CVE-2025-1358 MEDIUM

Pix Software Vivaz 6.0.10 - Cross-Site Request Forgery

CVE-2025-24699 HIGH

WP Coder <= 3.6 - Cross-Site Request Forgery to Cross-Site Scripting

CVE-2025-22705 HIGH

Disqus Popular Posts <= 2.1.1 - Cross-Site Request Forgery to Reflected Cross-Site Scripting

CVE-2025-23411 MEDIUM

mySCADA myPRO < 1.4 - Cross-Site Request Forgery

CVE-2025-26582 HIGH

Blackbam TinyMCE Advanced qTranslate fix editor problems <= 1.0.0 - Cross-Site Scripting

CVE-2025-26580 HIGH

Page/Post Specific Social Share Buttons <= 2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-26578 HIGH

Simple Documentation <= 1.2.8 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-26577 HIGH

daxiawp DX-auto-publish -<1.2 - XSS

CVE-2025-26572 HIGH

WP PHPList <= 1.7 - Cross-Site Request Forgery

CVE-2025-26571 HIGH

Wibiya Toolbar <= 2.0 - Cross-Site Request Forgery

CVE-2025-26570 HIGH

Glance That <= 4.9 - Cross-Site Request Forgery

CVE-2025-26569 HIGH

Post Thumbs <= 1.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-26568 HIGH

jensmueller Easy Amazon Product Information <4.0.1 - CSRF

CVE-2025-26562 HIGH

Shambhu Patnaik RSS Filter - Stored XSS

CVE-2025-26550 HIGH

Kunal Shivale Global Meta Keyword & Description <2.3 - XSS

Previous Page 77 of 374 Next

Details

Vulnerabilities 9,337

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy