Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,337 vulnerabilities with CWE-352

CVE-2025-23996 MEDIUM

AnyRoad < 1.3.2 - Cross-Site Request Forgery

CVE-2025-24001 HIGH

PPO Call To Actions <= 0.1.3 - Cross-Site Request Forgery

CVE-2025-23044 MEDIUM

pwndoc < 0.9.0 - Cross-Site Request Forgery

CVE-2025-23922 CRITICAL

iSpring Embedder <= 1.0 - Cross-Site Request Forgery to Arbitrary File Upload

CVE-2025-23902 HIGH

Taras Dashkevych Error Notification <0.2.7 - CSRF

CVE-2025-23901 HIGH

Oliver Schaal GravatarLocalCache <1.1.2 - CSRF

CVE-2025-23900 HIGH

Genkisan Genki Announcement <1.4.1 - CSRF

CVE-2025-23898 HIGH

Apply with LinkedIn buttons <= 2.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23895 HIGH

Dan Cameron Add RSS <= 1.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23884 HIGH

Chris Roberts Annie < 2.1.1 - Cross-Site Request Forgery

CVE-2025-23880 HIGH

amr personalise <= 2.10 - Cross-Site Request Forgery

CVE-2025-23875 HIGH

Tim Ridgway Better Protected Pages - CSRF

CVE-2025-23872 HIGH

PayForm <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23871 HIGH

LSD Google Maps Embedder <= 1.1 - Cross-Site Request Forgery

CVE-2025-23870 HIGH

Copyright Safeguard Footer Notice <3.0 - CSRF/XSS

CVE-2025-23869 HIGH

Shibu Lijack/CyberJack CJ Custom Content -n/a-2.0.0 - XSS

CVE-2025-23861 HIGH

Katz Web Services, Inc. Debt Calculator <1.0.1 - CSRF

CVE-2025-23848 HIGH

Hotspots Analytics <= 4.0.12 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23844 HIGH

wellwisher Custom Widget Classes - CSRF

CVE-2025-23842 HIGH

Nilesh Shiragave WordPress Gallery Plugin - CSRF

CVE-2025-23832 HIGH

Matt Gibbs Admin Cleanup <1.0.2 - CSRF

CVE-2025-23823 HIGH

CNZZ&51LA for WordPress <= 1.0.1 - Cross-Site Request Forgery

CVE-2025-23822 HIGH

Cornea Alexandru Category Custom Fields - CSRF

CVE-2025-23821 HIGH

WP Cookies Alert <= 1.1.1 - Cross-Site Request Forgery

CVE-2025-23820 HIGH

Laxman Thapa Content Security Policy Pro - CSRF

Previous Page 82 of 374 Next

Details

Vulnerabilities 9,337

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy