Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,337 vulnerabilities with CWE-352

CVE-2025-23694 HIGH

Shabbos Commerce Shabbos & Yom Tov <1.9 - CSRF

CVE-2025-23693 HIGH

Secure CAPTCHA <= 1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23692 HIGH

Artem Anikeev Slider for Writers - CSRF

CVE-2025-23691 HIGH

Send to Twitter <= 1.7.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23690 HIGH

ArtkanMedia Book a Place <0.7.1 - CSRF

CVE-2025-23677 HIGH

DSmidgy HTTP to HTTPS Link Changer <0.2.4 - XSS

CVE-2025-23675 HIGH

SandyIN Import Users to MailChimp - CSRF

CVE-2025-23673 HIGH

Don Kukral Email on Publish <1.5 - CSRF

CVE-2025-23665 HIGH

RSV GMaps <= 1.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23664 HIGH

Real Seguro Viagem <= 2.0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23662 HIGH

WP Panoramio <= 1.5.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23661 HIGH

NV Slider <= 1.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23660 HIGH

Walter Cerrudo MFPlugin <1.4 - CSRF

CVE-2025-23659 HIGH

MercadoLibre Integration <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23654 HIGH

Twitter Post <= 0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23649 HIGH

Kreg Steppe Auphonic Importer <1.5.2 - CSRF

CVE-2025-23640 HIGH

Nazmul Ahsan Rename Author Slug <1.2.0 - CSRF

CVE-2025-23639 HIGH

MDC YouTube Downloader <3.0.0 - CSRF

CVE-2025-23627 HIGH

Gordon French Comment-Emailer <1.0.5 - CSRF

CVE-2025-23618 HIGH

Andrea Brandi Twitter Shortcode <0.9 - CSRF

CVE-2025-23617 HIGH

Floatbox Plus <= 1.4.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23577 HIGH

Word Freshener <= 1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23573 HIGH

WP Background Tile <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23572 HIGH

Dave Konopka, Martin Scharm UpDownUpDown - CSRF

CVE-2025-23569 HIGH

Shortcode in Comment <= 1.1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

Previous Page 84 of 374 Next

Details

Vulnerabilities 9,337

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy