Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,337 vulnerabilities with CWE-352

CVE-2025-23445 HIGH

Scott Swezey Easy Tynt <0.2.5.1 - CSRF

CVE-2025-23442 HIGH

Shockingly Big IE6 Warning <1.6.3 - CSRF

CVE-2025-23436 HIGH

Wp-Scribd-List <= 1.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-23435 HIGH

David Marcucci Password Protect Plugin <0.8.1.0 - CSRF

CVE-2025-23430 HIGH

Oren Yomtov Mass Custom Fields Manager - CSRF

CVE-2025-23426 HIGH

Wizcrew Technologies go Social - CSRF

CVE-2025-23424 HIGH

Marquee Style RSS News Ticker <3.2.0 - CSRF

CVE-2025-22784 HIGH

Background Control <=1.0.5 - CSRF & Path Traversal

CVE-2025-22731 MEDIUM

silverplugins217 - WooCommerce - CSRF

CVE-2025-21193 MEDIUM

Windows Server 2016, 2019, 2022, 2022 23H2, 2025 - Active Directory Federation Server Spoofing

CVE-2025-23081 MEDIUM

MediaWiki DataTransfer Extension 1.39.0-1.39.10, 1.41.0-1.41.2, 1.42.0-1.42.1 - CSRF and XSS

CVE-2025-0393 MEDIUM

Royal Elementor Addons & Templates <1.7.1006 - CSRF

CVE-2025-22963 HIGH

Teedy <= 1.11 - Cross-Site Request Forgery via POST /api/user/admin

CVE-2025-23113 LOW

REDCap 14.9.6 - Cross-Site Request Forgery via Alert-Title CSV Upload

CVE-2025-22814 HIGH

Zephyr Admin Theme <= 1.4.1 - Cross-Site Request Forgery

CVE-2025-22590 HIGH

Prayer Times Anywhere <2.0.1 - CSRF

CVE-2025-22589 HIGH

Quote Tweet <= 0.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-22582 HIGH

Scott Nell Uptime Robot <= 0.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-22571 HIGH

Instabot <= 1.10 - Cross-Site Request Forgery

CVE-2025-22563 MEDIUM

Pretty Url <= 1.5.5 - Cross-Site Request Forgery

CVE-2025-22562 MEDIUM

Jason Funk Title Experiments Free - CSRF

CVE-2025-22559 HIGH

TubePress.NET <= 4.0.1 - Cross-Site Request Forgery

CVE-2025-22557 HIGH

WPMagic News Publisher Autopilot <2.1.4 - CSRF

CVE-2025-22556 HIGH

Norse Rune Oracle Plugin <1.4.1 - CSRF

CVE-2025-22555 HIGH

Smoothness Slider Shortcode <v1.2.2 - CSRF

Previous Page 86 of 374 Next

Details

Vulnerabilities 9,337

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy