Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4754

4754 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-6980 WP SMS <= 6.5 - Cross-Site Request Forgery to Subscriber Deletion — WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerce 4.3 Medium2024-01-03
CVE-2018-25096 MdAlAmin-aol Own Health Record logout.php cross-site request forgery — Own Health Record 4.3 Medium2023-12-30
CVE-2023-51545 WordPress Job Manager & Career Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection — Job Manager & Career – Manage job board listings, and recruitments 9.6 Critical2023-12-29
CVE-2023-50878 WordPress MStore API Plugin <= 4.10.1 is vulnerable to Cross Site Request Forgery (CSRF) — MStore API 5.4 Medium2023-12-29
CVE-2023-50902 WordPress New User Approve Plugin <= 2.5.1 is vulnerable to Cross Site Request Forgery (CSRF) — New User Approve 4.3 Medium2023-12-29
CVE-2023-51354 WordPress Webba Booking Plugin <= 4.5.33 is vulnerable to Cross Site Request Forgery (CSRF) — Appointment & Event Booking Calendar Plugin – Webba Booking 4.3 Medium2023-12-29
CVE-2023-51358 WordPress Block IPs for Gravity Forms Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF) — Block IPs for Gravity Forms 5.4 Medium2023-12-29
CVE-2023-51378 WordPress Rise Blocks Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF) — Rise Blocks – A Complete Gutenberg Page Builder 5.4 Medium2023-12-29
CVE-2023-51402 WordPress Ultimate Addons for WPBakery Page Builder Plugin <= 3.19.17 is vulnerable to Cross Site Request Forgery (CSRF) — Ultimate Addons for WPBakery Page Builder 4.3 Medium2023-12-29
CVE-2023-50858 WordPress Anti Hacker Plugin <= 4.34 is vulnerable to Cross Site Request Forgery (CSRF) — Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan 5.4 Medium2023-12-28
CVE-2023-50873 WordPress Add Any Extension to Pages Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF) — Add Any Extension to Pages 4.3 Medium2023-12-28
CVE-2012-10017 BestWebSoft Portfolio Plugin cross-site request forgery — Portfolio Plugin 4.3 Medium2023-12-26
CVE-2023-7092 Uniway UW-302VP Admin Web Interface wlan_basic_set.cgi cross-site request forgery — UW-302VP 4.3 Medium2023-12-24
CVE-2023-5961 ioLogik E1200 Series: Cross-Site Request Forgery (CSRF) Vulnerability — ioLogik E1200 Series 8.8 High2023-12-23
CVE-2023-7052 PHPGurukul Online Notes Sharing System profile.php cross-site request forgery — Online Notes Sharing System 4.3 Medium2023-12-22
CVE-2023-7051 PHPGurukul Online Notes Sharing System manage-notes.php cross-site request forgery — Online Notes Sharing System 4.3 Medium2023-12-21
CVE-2023-7038 automad User Creation cross-site request forgery — automad 4.3 Medium2023-12-21
CVE-2023-49920 Apache Airflow: Missing CSRF protection on DAG/trigger — Apache Airflow 8.3AIHighAI2023-12-21
CVE-2023-6689 Cross-Site Request Forgery in EFACEC BCU 500 — BCU 500 8.2 High2023-12-19
CVE-2023-50835 WordPress Advanced Category Template Plugin <= 0.1 is vulnerable to Cross Site Request Forgery (CSRF) — Advanced Category Template 5.4 Medium2023-12-19
CVE-2023-49164 WordPress Ocean Extra Plugin <= 2.2.2 is vulnerable to Cross Site Request Forgery (CSRF) — Ocean Extra 5.4 Medium2023-12-19
CVE-2023-49821 WordPress LiveChat Plugin <= 4.5.15 is vulnerable to Cross Site Request Forgery (CSRF) — LiveChat – WP live chat plugin for WordPress 5.4 Medium2023-12-18
CVE-2023-49763 WordPress CSprite Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF) — CSprite 4.3 Medium2023-12-18
CVE-2023-49761 WordPress Product Enquiry for WooCommerce Plugin <= 3.0 is vulnerable to Cross Site Request Forgery (CSRF) — Product Enquiry for WooCommerce 5.4 Medium2023-12-18
CVE-2023-49760 WordPress WPsoonOnlinePage Plugin <= 1.9 is vulnerable to Cross Site Request Forgery (CSRF) — WPsoonOnlinePage 5.4 Medium2023-12-18
CVE-2023-49759 WordPress WooDiscuz – WooCommerce Comments Plugin <= 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF) — WooDiscuz – WooCommerce Comments 5.4 Medium2023-12-18
CVE-2023-49163 WordPress teachPress Plugin <= 9.0.5 is vulnerable to Cross Site Request Forgery (CSRF) — teachPress 5.4 Medium2023-12-18
CVE-2023-49155 WordPress Button Generator – easily Button Builder Plugin <= 2.3.8 is vulnerable to Cross Site Request Forgery (CSRF) — Button Generator – easily Button Builder 4.3 Medium2023-12-18
CVE-2023-49153 WordPress Add to Cart Text Changer and Customize Button, Add Custom Icon Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF) — Add to Cart Text Changer and Customize Button, Add Custom Icon 4.3 Medium2023-12-18
CVE-2023-49148 WordPress Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates Plugin <= 3.0.5 is vulnerable to Cross Site Request Forgery (CSRF) — Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates 5.4 Medium2023-12-18

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4754 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.