Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,337 vulnerabilities with CWE-352

CVE-2025-25128 HIGH

Orlando Lac Facilita Form Tracker -<1.0 - XSS

CVE-2025-25126 HIGH

ZMSEO <= 1.14.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-25125 HIGH

Fyrebox Quizzes <= 3.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-25123 HIGH

xdark Easy Related Posts <2.0.2 - CSRF

CVE-2025-25111 MEDIUM

WP Spell Check <= 9.21 - Cross-Site Request Forgery

CVE-2025-25107 CRITICAL

OneStore Sites <= 0.1.1 - Cross-Site Request Forgery to Arbitrary Plugin Installation

CVE-2025-25106 CRITICAL

FancyWP Starter Templates <2.0.0 - CSRF

CVE-2025-25104 HIGH

mraliende URL-Preview-Box <1.20 - CSRF

CVE-2025-25103 MEDIUM

Indeed API <= 0.5 - Cross-Site Request Forgery

CVE-2025-25101 CRITICAL

MetricThemes Munk Sites <1.0.8 - CSRF

CVE-2025-25093 MEDIUM

Child Themes Helper <2.2.7 - CSRF/Path Traversal

CVE-2025-25088 HIGH

WP Keyword Monitor <= 1.0.5 - Cross-Site Request Forgery

CVE-2025-25075 HIGH

Venugopal Show notice or message on admin area <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-25074 HIGH

Nirmal Kumar Ram WP Social Stream - CSRF

CVE-2025-25072 HIGH

WP Admin Custom Page <1.5.0 - CSRF/XSS

CVE-2025-25071 HIGH

topplugins Vignette Ads <0.3 - CSRF

CVE-2025-1084 MEDIUM

Mindskip xzs-mysql 3.9.0 - Cross-Site Request Forgery

CVE-2025-1074 MEDIUM

Webkul QloApps 1.6.1 - Cross-Site Request Forgery via Logout Function

CVE-2025-0522 MEDIUM

LikeBot < 0.85 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2025-24982 MEDIUM

Activity Log WinterLock <1.2.5 - CSRF

CVE-2025-22703 HIGH

Forge - Front-End Page Builder <= 1.4.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-22690 HIGH

DigiTimber cPanel Integration <1.4.6 - CSRF/XSS

CVE-2025-22688 HIGH

Ederson Peka Unlimited Page Sidebars <0.2.6 - CSRF/XSS

CVE-2025-22685 HIGH

CheGevara Tags to Keywords <1.0.1 - CSRF/XSS

CVE-2025-24749 HIGH

Overt Software Solutions LTD EZPZ SAML SP Single Sign On - CSRF

Previous Page 79 of 374 Next

Details

Vulnerabilities 9,337

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy