Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,337 vulnerabilities with CWE-352

CVE-2025-22552 HIGH

Jason Keeley, Bryan Nielsen Affiliate Disclosure Statement <0.3 - CSRF

CVE-2025-22538 HIGH

Ofek Nakar Virtual Bot <1.0.0 - CSRF

CVE-2025-22520 HIGH

Tock Widget <= 1.1 - Cross-Site Request Forgery

CVE-2025-22503 MEDIUM

Digital Zoom Studio Admin <1.0.13 - CSRF

CVE-2025-22347 HIGH

BannerSky.com BSK Forms Blacklist - CSRF

CVE-2025-22343 HIGH

wpSOL <= 1.2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-22342 HIGH

WP Simple Sitemap <= 0.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-22336 HIGH

WordPress Wizhi Multi Filters <1.8.6 - CSRF

CVE-2025-22328 HIGH

Elevio by Dixa Elevio < 4.4.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2025-22325 HIGH

Nik Chankov Autocompleter <1.3.5.2 - CSRF

CVE-2025-22301 MEDIUM

Stormhill Media MyBookTable <3.5.3 - CSRF

CVE-2025-22300 MEDIUM

PixelYourSite - TAG Manager <10.0.1.2 - CSRF

CVE-2025-22297 MEDIUM

AIpost AI WP Writer <3.8.4.4 - CSRF

CVE-2024-35648 MEDIUM

WordPress Emergency Password Reset plugin <= 8.0 - Cross Site Request Forgery (CSRF) vulnerability

CVE-2024-34810 MEDIUM

WordPress Skyline WP theme <= 1.0.10 - Cross Site Request Forgery (CSRF) vulnerability

CVE-2024-32110 MEDIUM

WordPress Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 4.1.2 - Cross Site Request Forgery (CSRF) vulnerability

CVE-2024-32537 HIGH

WordPress Flash Video Player plugin <= 5.0.4 - CSRF to XSS vulnerability

CVE-2024-55271 LOW

phpgurukul Gym Management System 1.0 - CSRF

CVE-2024-40685 MEDIUM

IBM Operations Analytics - Log Analysis <1.3.8.3 - CSRF

CVE-2024-30855 HIGH

DedeCMS v5.7 - Cross-Site Request Forgery via makehtml_list_action.php

CVE-2024-45538 CRITICAL

Synology DSM <7.2.1-69057-2,7.2.2-72806 & DSMUC <3.1.4-23079 - CSRF

CVE-2024-53684 HIGH

Socomec DIRIS Digiware M-70 1.6.9 - Cross-Site Request Forgery in WEBVIEW-M

CVE-2024-45161 MEDIUM

Blu-Castle BCUM221E 1.0.0P220507 - CSRF

CVE-2024-43192 MEDIUM

IBM Storage TS4500 Library 1.11.0.0 and 2.11.0.0 - Cross-Site Request Forgery

CVE-2024-48341 LOW

dingfanzu CMS V1.0 - Cross-Site Request Forgery via /admin/doAdminAction.php

Previous Page 87 of 374 Next

Details

Vulnerabilities 9,337

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy