Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,346 vulnerabilities with CWE-352

CVE-2024-55893 MEDIUM

TYPO3 10.0.0-10.4.47 - Cross-Site Request Forgery via Backend Deep Links

CVE-2024-47100 HIGH

SIMATIC S7-1200 CPU < V4.7 - Cross-Site Request Forgery

CVE-2024-6662 HIGH

MegaBIP < 5.15 - Cross-Site Request Forgery via Editor Endpoint

CVE-2024-13304 MEDIUM

Minify JS < 3.0.3 - Cross-Site Request Forgery

CVE-2024-13293 LOW

Drupal POST File < 1.0.2 - Cross-Site Request Forgery

CVE-2024-13284 HIGH

Drupal Gutenberg <2.13.0-3.0.5 - CSRF

CVE-2024-13261 LOW

Drupal Acquia DAM <1.0.13-1.1.0-beta3 - CSRF

CVE-2024-13260 HIGH

Drupal Migrate queue importer <2.1.1 - CSRF

CVE-2024-13250 HIGH

Drupal Symfony Mailer Lite <1.0.6 - CSRF

CVE-2024-13244 HIGH

migrate_tools 0.0.0-6.0.2 - Cross-Site Request Forgery

CVE-2024-12605 MEDIUM

AI Scribe WordPress Plugin <= 2.5 - Cross-Site Request Forgery via al_scribe_content_data

CVE-2024-12218 MEDIUM

Woocommerce check pincode/zipcode - CSRF

CVE-2024-12206 MEDIUM

WordPress Header Builder Plugin - CSRF

CVE-2024-13203 MEDIUM

kurniaramadhan E-Commerce-PHP 1.0 - Cross-Site Request Forgery

CVE-2024-49294 MEDIUM

MagePeople Team Bus Ticket Booking <5.4.3 - CSRF

CVE-2024-12383 MEDIUM

Binary MLM Woocommerce < 2.0 - Cross-Site Request Forgery via 'product_points' Parameter

CVE-2024-12322 HIGH

ThePerfectWedding.nl Widget <2.8 - CSRF

CVE-2024-12291 MEDIUM

WordPress ViewMedica 9 <1.4.15 - CSRF

CVE-2024-12288 MEDIUM

Simple add pages or posts <= 2.0.0 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-12170 MEDIUM

WordPress ViewMedica 9 <1.4.15 - CSRF

CVE-2024-12557 MEDIUM

Transporters.io < 2.1.1 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-12541 MEDIUM

Chative Live Chat & Chatbot <1.1 - CSRF

CVE-2024-55076 HIGH

grocy < 4.3.0 - Cross-Site Request Forgery

CVE-2024-12279 MEDIUM

WP Social AutoConnect <= 4.6.2 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-12545 MEDIUM

Scratch & Win - Giveaways and Contests < 2.7.1 - Cross-Site Request Forgery via reset_installation() Function

Previous Page 94 of 374 Next

Details

Vulnerabilities 9,346

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy