CWE-352
Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
We have discovered 1,244,664 live websites that are affected by CWE-352.
CVEs
- Count - 26
CWE References
Countries
 United States | 302,077 websites |
 Germany | 89,268 websites |
 France | 67,556 websites |
 GB | 64,521 websites |
 Italy | 64,503 websites |
 Spain | 50,181 websites |
 Netherlands | 38,918 websites |
 Poland | 35,145 websites |
 Russia | 34,407 websites |
 Canada | 31,952 websites |
TLDs
| .com | 546,249 websites |
| .de | 52,233 websites |
| .it | 41,997 websites |
| .org | 40,746 websites |
| .co.uk | 37,017 websites |
| .nl | 30,702 websites |
| .ru | 26,767 websites |
| .pl | 26,260 websites |
| .net | 25,114 websites |
| .fr | 24,893 websites |
Newest CVEs
List of the most recent CVEs that are part of CWE-352| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Feb, 2024 | CVE-2024-21752 | WordPress Ajax Search Lite Plugin <= 4.11.4 is vulnerable to Cross Site Scripting (XSS) | 850 |
| Feb, 2024 | CVE-2023-51533 | WordPress Ecwid Shopping Cart Plugin <= 6.12.4 is vulnerable to Cross Site Request Forgery (CSRF) | 989 |
| Jan, 2024 | CVE-2023-6292 | Ecwid Ecommerce Shopping Cart < 6.12.5 - Arbitrary Plugin Settings Change via CSRF | 989 |
| Jan, 2024 | CVE-2023-52222 | WordPress WooCommerce Plugin <= 8.2.2 is vulnerable to Cross Site Request Forgery (CSRF) | 818,864 |
| Jan, 2024 | CVE-2023-52123 | WordPress Strong Testimonials Plugin <= 3.1.10 is vulnerable to Cross Site Request Forgery (CSRF) | 841 |
| Nov, 2023 | CVE-2023-34030 | WordPress Complianz and Complianz Premium plugins - Cross Site Request Forgery (CSRF) | 48,135 |
| Nov, 2023 | CVE-2023-47875 | WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Cross Site Request Forgery (CSRF) | 1,361 |
| Nov, 2023 | CVE-2023-33333 | WordPress Complianz and Complianz Premium plugins - Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) | 45,391 |
| Nov, 2023 | CVE-2023-47785 | WordPress LayerSlider Plugin <= 7.7.9 is vulnerable to Cross Site Request Forgery (CSRF) | 250,364 |
| Nov, 2023 | CVE-2023-32123 | WordPress The7 Theme <= 11.7.3 is vulnerable to Cross Site Request Forgery (CSRF) | 32,579 |
The most widespread CVEs
List of the most common CVEs that are part of CWE-352| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Jan, 2024 | CVE-2023-52222 | WordPress WooCommerce Plugin <= 8.2.2 is vulnerable to Cross Site Request Forgery (CSRF) | 818,864 |
| Nov, 2023 | CVE-2023-47785 | WordPress LayerSlider Plugin <= 7.7.9 is vulnerable to Cross Site Request Forgery (CSRF) | 250,364 |
| May, 2023 | CVE-2022-46800 | WordPress LiteSpeed Cache Plugin <= 5.3 is vulnerable to Cross Site Request Forgery (CSRF) | 144,759 |
| Nov, 2023 | CVE-2023-34030 | WordPress Complianz and Complianz Premium plugins - Cross Site Request Forgery (CSRF) | 48,135 |
| Nov, 2023 | CVE-2023-33333 | WordPress Complianz and Complianz Premium plugins - Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) | 45,391 |
| Nov, 2023 | CVE-2023-32123 | WordPress The7 Theme <= 11.7.3 is vulnerable to Cross Site Request Forgery (CSRF) | 32,579 |
| Nov, 2023 | CVE-2023-34378 | WordPress WP Hide Post Plugin <= 2.0.10 is vulnerable to Cross Site Request Forgery (CSRF) | 7,941 |
| May, 2023 | CVE-2022-43490 | WordPress Stream Plugin <= 3.9.2 is vulnerable to Cross Site Request Forgery (CSRF) | 7,921 |
| May, 2023 | CVE-2022-47174 | WordPress Performance Lab Plugin <= 2.2.0 is vulnerable to Cross Site Request Forgery (CSRF) | 4,178 |
| Nov, 2023 | CVE-2023-47875 | WordPress Perfmatters Plugin <= 2.1.6 is vulnerable to Cross Site Request Forgery (CSRF) | 1,361 |
Websites affected by CWE-352
Top websites that are affected by CWE-352. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****.*********.org | United States | *** | |
| ***.******.com | United States | *,*** | |
| ******.at |  Austria | *,*** | |
| ***.***************.com | United States | *,*** | |
| ***.***.com | United States | *,*** | |
| ************.com | United States | *,*** | |
| ***.***********.com | Italy | *,*** | |
| ***********.com | Germany | *,*** | |
| ***********.com | United States | *,*** | |
| *****************.com | United States | *,*** |