Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,346 vulnerabilities with CWE-352

CVE-2024-37274 MEDIUM

WP Mobile Menu <= 2.8.4.3 - Cross-Site Request Forgery

CVE-2024-37272 MEDIUM

WP Travel Engine Travel Monster - CSRF

CVE-2024-37243 MEDIUM

blossomthemes Vandana Lite <= 1.1.9 - Cross-Site Request Forgery

CVE-2024-37242 MEDIUM

Newspack Newsletters <2.13.2 - CSRF

CVE-2024-37240 MEDIUM

Falang multilanguage <= 1.3.51 - Cross-Site Request Forgery

CVE-2024-37238 MEDIUM

WPAdverts - Classifieds Plugin <2.1.2 - CSRF

CVE-2024-37236 MEDIUM

Loco Translate <= 2.6.9 - Cross-Site Request Forgery

CVE-2024-37235 MEDIUM

Groundhogg <= 3.4.2.3 - Cross-Site Request Forgery

CVE-2024-37104 MEDIUM

rarathemes Chic and Chic Lite < 1.1.4 and < 1.1.3 - Cross-Site Request Forgery

CVE-2024-37103 MEDIUM

Education Zone <= 1.3.4 - Cross-Site Request Forgery

CVE-2024-37102 MEDIUM

blossomthemes Vilva <= 1.2.2 - Cross-Site Request Forgery

CVE-2024-37093 MEDIUM

Stylemix MasterStudy LMS <= 3.2.1 - Cross-Site Request Forgery

CVE-2024-56207 HIGH

EditionGuard <3.4.2 - CSRF/Privilege Escalation

CVE-2024-56206 HIGH

gap-hub-user-role <= 3.4.1 - Cross-Site Request Forgery to Authentication Bypass

CVE-2024-56204 HIGH

Yonatan Reinberg of Social Ink Sinking Dropdowns - CSRF

CVE-2024-56203 HIGH

Wayne Audio Player - CSRF/Privilege Escalation

CVE-2024-56232 HIGH

WP Nice Loader <= 0.1.0.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting

CVE-2024-56229 MEDIUM

SearchIQ < 4.6 - Cross-Site Request Forgery

CVE-2024-56222 MEDIUM

CodeBard Help Desk <= 1.1.1 - Cross-Site Request Forgery

CVE-2024-56218 MEDIUM

Contact Form 7 Dynamic Text Extension <= 5.0.1 - Cross-Site Request Forgery

CVE-2024-11842 MEDIUM

DN Shipping by Weight for WooCommerce <1.2 - CSRF

CVE-2024-12955 MEDIUM

PHPGurukul Blood Bank & Donor Management System 2.4 - Cross-Site Request Forgery in /logout.php

CVE-2024-12636 MEDIUM

WP Legal Pages <3.2.6 - CSRF

CVE-2024-56311 HIGH

REDCap < 14.9.6 - Cross-Site Request Forgery via Calendar Event Notes

CVE-2024-56310 HIGH

REDCap < 14.9.6 - Cross-Site Request Forgery via Project Dashboards Name

Previous Page 97 of 374 Next

Details

Vulnerabilities 9,346

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy