← Back
CWE-352

9,314 CVEs • Abstraction: Compound • Likelihood of Exploit: Medium

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

JSON object

Loading...

CVEs (9,314)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-52451
-
-
Jun 17, 2026
Nov 20, 2024
N/A· v4
8.2 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in aaronrobbins Post Ideas post-ideas allows SQL Injection.This issue affects Post Ideas: from n/a through <= 2.
CVE-2024-52446
-
-
Jun 17, 2026
Nov 20, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows Object Injection.This issue affects Buying Buddy IDX CRM: from n/a through <= 1.2.8.
CVE-2024-52392
1W3speedster
1W3speedster
Jun 17, 2026
Nov 19, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in w3speedster W3SPEEDSTER w3speedster-wp.This issue affects W3SPEEDSTER: from n/a through <= 7.25.
CVE-2024-51669
1Vivwebsolutions
1Dynamic Widgets
Jun 17, 2026
Nov 19, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Kalmang Dynamic Widgets dynamic-widgets.This issue affects Dynamic Widgets: from n/a through <= 1.6.4.
CVE-2022-47424
1Reputeinfosystems
1Armember
Jun 17, 2026
Nov 19, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ARMember, Repute InfoSystems ARMember Premium allows Cross-Site Request Forgery.This issue affects ARMember: from n/a through 4.0.5; ARMember Premium:...Show more
Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ARMember, Repute InfoSystems ARMember Premium allows Cross-Site Request Forgery.This issue affects ARMember: from n/a through 4.0.5; ARMember Premium: from n/a before 6.7.1.Show less
CVE-2024-52421
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Popup Window Maker easy-popup-lightbox-maker allows Stored XSS.This issue affects WP Popup Window Maker: from n/a through <= 2.0.
CVE-2024-52420
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Disable Admin Notices individually disable-admin-notices allows Cross Site Request Forgery.This issue affects Disable Admin Notices individually: from n/a thro...Show more
Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Disable Admin Notices individually disable-admin-notices allows Cross Site Request Forgery.This issue affects Disable Admin Notices individually: from n/a through <= 1.4.0.Show less
CVE-2024-52402
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in gunghoinc Exclusive Content Password Protect exclusive-content-password-protect allows Upload a Web Shell to a Web Server.This issue affects Exclusive Content Password P...Show more
Cross-Site Request Forgery (CSRF) vulnerability in gunghoinc Exclusive Content Password Protect exclusive-content-password-protect allows Upload a Web Shell to a Web Server.This issue affects Exclusive Content Password Protect: from n/a through <= 1.1.0.Show less
CVE-2024-52401
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
9.6 CRITICAL· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog DownloadManager hacklog-downloadmanager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through <=...Show more
Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog DownloadManager hacklog-downloadmanager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through <= 2.1.4.Show less
CVE-2024-52388
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in mikeage Hebrew Date hebrewdates allows Stored XSS.This issue affects Hebrew Date: from n/a through <= 2.1.0.
CVE-2024-51686
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar Manage User Columns manage-user-columns allows Cross Site Request Forgery.This issue affects Manage User Columns: from n/a through <= 1.0.5.
CVE-2024-51657
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Woopy Plugins SmartLink Dynamic URLs smartlink-dinamic-urls allows Stored XSS.This issue affects SmartLink Dynamic URLs: from n/a through <= 1.1.0.
CVE-2024-51656
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in litefeel Flash Show And Hide Box flash-show-and-hide-box allows Stored XSS.This issue affects Flash Show And Hide Box: from n/a through <= 1.6.
CVE-2024-51655
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in microkid Custom Author URL author-slug allows Stored XSS.This issue affects Custom Author URL: from n/a through <= 2.0.1.
CVE-2024-51654
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Eric Allen APK Downloader apk-downloader allows Stored XSS.This issue affects APK Downloader: from n/a through <= 1.0.0.
CVE-2024-51653
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in akira1891 UPDATE NOTIFICATIONS update-notifications allows Stored XSS.This issue affects UPDATE NOTIFICATIONS: from n/a through <= 0.3.4.
CVE-2024-51652
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in marckocher Skip To skip-to allows Stored XSS.This issue affects Skip To: from n/a through <= 2.0.0.
CVE-2024-51650
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in scottmydollarplancom Random Featured Post random-featured-post-plugin allows Stored XSS.This issue affects Random Featured Post: from n/a through <= 1.1.3.
CVE-2024-51649
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Patrick Lumumba Mobilize mobilize allows Stored XSS.This issue affects Mobilize: from n/a through <= 3.0.7.
CVE-2024-51648
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in hands01 e-shops e-shops-cart2 allows Reflected XSS.This issue affects e-shops: from n/a through <= 1.0.3.