Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4754

4754 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-6520 WP 2FA – Two-factor authentication for WordPress <= 2.5.0 - Cross-Site Request Forgery — WP 2FA – Two-factor authentication for WordPress 4.3 Medium2024-01-11
CVE-2023-5448 WP Register Profile With Shortcode <= 3.5.9 - Cross-Site Request Forgery to User Password Reset — WP Register Profile With Shortcode 8.8 High2024-01-11
CVE-2023-48258 Bosch Nexo cordless nutrunner 安全漏洞 — Nexo cordless nutrunner NXA015S-36V (0608842001) 5.5 Medium2024-01-10
CVE-2023-5455 Ipa: invalid csrf protection — Red Hat Enterprise Linux 7 6.5 Medium2024-01-10
CVE-2023-6788 Metform Elementor Contact Form Builder <= 3.8.1 - Cross-Site Request Forgery — MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor 5.4 Medium2024-01-09
CVE-2023-52216 WordPress JS & CSS Script Optimizer Plugin <= 0.3.3 is vulnerable to Cross Site Request Forgery (CSRF) — JS & CSS Script Optimizer 4.3 Medium2024-01-08
CVE-2023-52200 WordPress ARMember Plugin <= 4.0.22 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection — ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup 9.6 Critical2024-01-08
CVE-2023-52222 WordPress WooCommerce Plugin <= 8.2.2 is vulnerable to Cross Site Request Forgery (CSRF) — WooCommerce 4.3 Medium2024-01-08
CVE-2023-51678 WordPress Doofinder for WooCommerce Plugin <= 2.0.33 is vulnerable to Broken Access Control — Doofinder WP & WooCommerce Search 4.3 Medium2024-01-05
CVE-2023-51535 WordPress Spam protection, AntiSpam, FireWall by CleanTalk Plugin <= 6.20 is vulnerable to Cross Site Request Forgery (CSRF) — Spam protection, Anti-Spam, FireWall by CleanTalk 4.3 Medium2024-01-05
CVE-2023-51673 WordPress Stylish Price List Plugin <= 7.0.17 is vulnerable to Broken Access Control — Stylish Price List – Price Table Builder & QR Code Restaurant Menu 5.4 Medium2024-01-05
CVE-2023-51668 WordPress Inline Image Upload for BBPress Plugin <= 1.1.18 is vulnerable to Cross Site Request Forgery (CSRF) — Inline Image Upload for BBPress 4.3 Medium2024-01-05
CVE-2023-51538 WordPress Awesome Support Plugin <= 6.1.5 is vulnerable to Cross Site Request Forgery (CSRF) — Awesome Support – WordPress HelpDesk & Support Plugin 4.3 Medium2024-01-05
CVE-2023-51539 WordPress Apollo13 Framework Extensions Plugin <= 1.9.1 is vulnerable to Cross Site Request Forgery (CSRF) — Apollo13 Framework Extensions 5.4 Medium2024-01-05
CVE-2023-52119 WordPress Icegram Plugin <= 3.1.18 is vulnerable to Cross Site Request Forgery (CSRF) — Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building 4.3 Medium2024-01-05
CVE-2023-52120 WordPress NEX-Forms – Ultimate Form Builder Plugin <= 8.5.2 is vulnerable to Cross Site Request Forgery (CSRF) — NEX-Forms – Ultimate Form Builder – Contact forms and much more 5.4 Medium2024-01-05
CVE-2023-52121 WordPress NitroPack Plugin <= 1.10.2 is vulnerable to Cross Site Request Forgery (CSRF) — NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images 5.4 Medium2024-01-05
CVE-2023-52122 WordPress Simple Job Board Plugin <= 2.10.6 is vulnerable to Cross Site Request Forgery (CSRF) — Simple Job Board 4.3 Medium2024-01-05
CVE-2023-52123 WordPress Strong Testimonials Plugin <= 3.1.10 is vulnerable to Cross Site Request Forgery (CSRF) — Strong Testimonials 4.3 Medium2024-01-05
CVE-2023-52127 WordPress WPC Product Bundles for WooCommerce Plugin <= 7.3.1 is vulnerable to Cross Site Request Forgery (CSRF) — WPC Product Bundles for WooCommerce 4.3 Medium2024-01-05
CVE-2023-52128 WordPress White Label Plugin <= 2.9.0 is vulnerable to Cross Site Request Forgery (CSRF) — White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard 4.3 Medium2024-01-05
CVE-2023-52129 WordPress teachPress Plugin <= 9.0.4 is vulnerable to Cross Site Request Forgery (CSRF) — teachPress 6.3 Medium2024-01-05
CVE-2023-52130 WordPress Affiliates Manager Plugin <= 2.9.31 is vulnerable to Cross Site Request Forgery (CSRF) — Affiliates Manager 4.3 Medium2024-01-05
CVE-2023-52136 WordPress Custom Twitter Feeds (Tweets Widget) Plugin <= 2.1.2 is vulnerable to Cross Site Request Forgery (CSRF) — Custom Twitter Feeds – A Tweets Widget or X Feed Widget 4.3 Medium2024-01-05
CVE-2023-52145 WordPress Republish Old Posts Plugin <= 1.21 is vulnerable to Cross Site Request Forgery (CSRF) — Republish Old Posts 4.3 Medium2024-01-05
CVE-2023-52149 WordPress Floating Button Plugin <= 6.0 is vulnerable to Cross Site Request Forgery (CSRF) — Floating Button 5.4 Medium2024-01-05
CVE-2023-52150 WordPress Dynamic Content for Elementor Plugin < 2.12.5 is vulnerable to Cross Site Request Forgery (CSRF) — Dynamic Content for Elementor 8.8 High2024-01-05
CVE-2023-52184 WordPress WP Job Portal Plugin <= 2.0.6 is vulnerable to Cross Site Request Forgery (CSRF) — WP Job Portal – A Complete Job Board 4.3 Medium2024-01-05
CVE-2023-6493 Depicter Slider – Responsive Image Slider, Video Slider & Post Slider <= 2.0.6 - Cross-Site Request Forgery via save — Depicter — Popup & Slider Builder 4.3 Medium2024-01-05
CVE-2023-6984 PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.13 - Cross-Site Request Forgery — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) 5.3 Medium2024-01-03

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4754 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.