Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,344 vulnerabilities with CWE-352

CVE-2024-13511 MEDIUM

Variation Swatches for WooCommerce <1.3.2 - Auth Bypass

CVE-2024-56924 HIGH

Code Astro Internet banking system 2.0.0 - CSRF

CVE-2024-54792 MEDIUM

SpagoBI 3.5.1 - Authenticated Cross-Site Request Forgery in User Administration Panel

CVE-2024-53829 HIGH

CodeChecker <= 6.24.4 - Cross-Site Request Forgery

CVE-2024-13444 MEDIUM

wp-greet <= 6.2 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-12005 MEDIUM

WP-BibTeX <= 3.0.1 - Cross-Site Request Forgery via wp_bibtex_option_page()

CVE-2024-13432 MEDIUM

Webcamconsult <= 1.5.0 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-13317 MEDIUM

ShipWorks Connector for Woocommerce <= 5.2.5 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-12385 MEDIUM

WP Abstracts <= 2.7.2 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-26153 HIGH

ETIC Telecom Remote Access Server Firmware < 4.9.19 - Cross-Site Request Forgery via setconf Method

CVE-2024-57611 LOW

07flycms V1.3.9 - Cross-Site Request Forgery via admin/doAdminAction.php

CVE-2024-57161 MEDIUM

07fly customer_relationship_management V1.3.9 - Cross-Site Request Forgery via OaWorkReport Edit Endpoint

CVE-2024-57160 MEDIUM

07fly customer_relationship_management V1.3.9 - Cross-Site Request Forgery via OaTask Edit Endpoint

CVE-2024-57159 LOW

07flycms V1.3.9 - Cross-Site Request Forgery via OaWorkReport Endpoint

CVE-2024-10789 MEDIUM

WP User Profile Avatar <1.0.5 - CSRF

CVE-2024-50858 HIGH

GestioIP 3.5.7 - Cross-Site Request Forgery

CVE-2024-55945 MEDIUM

TYPO3 11.0.0-11.5.41 - Cross-Site Request Forgery via Backend Deep Links

CVE-2024-55924 HIGH

TYPO3 11.0.0-11.5.41 - Cross-Site Request Forgery via Backend Deep Links

CVE-2024-55923 MEDIUM

TYPO3 10.0.0-10.4.48 - Cross-Site Request Forgery via Backend Deep Links

CVE-2024-55922 MEDIUM

TYPO3 10.0.0-10.4.47 - Cross-Site Request Forgery via Backend Deep Links

CVE-2024-55921 HIGH

TYPO3 10.0.0-10.4.48 - Cross-Site Request Forgery and Remote Code Execution via Extension Manager Module

CVE-2024-55920 MEDIUM

TYPO3 10.0.0-10.4.48 - Cross-Site Request Forgery via Backend Deep Links

CVE-2024-55894 MEDIUM

TYPO3 10.0.0-10.4.47 - Cross-Site Request Forgery via Backend Deep Links

CVE-2024-55893 MEDIUM

TYPO3 10.0.0-10.4.47 - Cross-Site Request Forgery via Backend Deep Links

CVE-2024-47100 HIGH

SIMATIC S7-1200 CPU < V4.7 - Cross-Site Request Forgery

Previous Page 93 of 374 Next

Details

Vulnerabilities 9,344

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy