Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,337 vulnerabilities with CWE-352

CVE-2025-23818 HIGH

Peggy Kuo More Link Modifier <1.0.3 - CSRF

CVE-2025-23817 HIGH

MHR-Custom-Anti-Copy <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23815 HIGH

linickx root Cookie <= 1.6 - Cross-Site Request Forgery

CVE-2025-23810 HIGH

Len Slider <= 2.0.11 - Cross-Site Request Forgery to Reflected Cross-Site Scripting

CVE-2025-23808 HIGH

Matt van Andel Custom List Table Example <1.4.1 - CSRF/XSS

CVE-2025-23805 HIGH

SEOReseller Partner <= 1.3.15 - Cross-Site Request Forgery

CVE-2025-23804 HIGH

WP Service Payment Form With Authorize.net <2.6.0 - CSRF

CVE-2025-23801 HIGH

Benjamin Guy Style Admin <1.4.3 - CSRF

CVE-2025-23800 HIGH

OrangeBox <= 3.0.0 - Cross-Site Request Forgery

CVE-2025-23797 CRITICAL

WP Options Editor <1.1 - CSRF/Privilege Escalation

CVE-2025-23793 HIGH

Turcu Ciprian Auto FTP <1.0.1 - CSRF

CVE-2025-23765 MEDIUM

W3SPEEDSTER <= 7.33 - Cross-Site Request Forgery

CVE-2025-23749 HIGH

mybb Last Topics <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23745 HIGH

Tussendoor - Cross-Site Request Forgery

CVE-2025-23743 HIGH

Martijn Scheybeler Social Analytics - CSRF

CVE-2025-23720 HIGH

Web Push <= 1.4.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23717 HIGH

ITMOOTI Theme My Ontraport Smartform <1.2.11 - CSRF

CVE-2025-23715 HIGH

RaymondDesign Post & Page Notes <0.1.1 - CSRF

CVE-2025-23713 HIGH

Artem Anikeev Hack me if you can - CSRF

CVE-2025-23712 HIGH

Kapost <= 2.2.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23710 HIGH

Flying Twitter Birds <= 1.8 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23708 HIGH

DF Draggable <= 1.13.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23703 HIGH

Free MailClient FMC <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23702 HIGH

Schalk Burger Anonymize Links <1.1 - CSRF

CVE-2025-23698 HIGH

WP Custom Google Search <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Previous Page 83 of 374 Next

Details

Vulnerabilities 9,337

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy