CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4754

4754 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-47552	WordPress Image Hover Effects Plugin <= 5.5 is vulnerable to Cross Site Request Forgery (CSRF) — Image Hover Effects – WordPress Plugin	5.4	Medium	2023-11-18
CVE-2023-47553	WordPress UserHeat Plugin Plugin <= 1.1.6 is vulnerable to Cross Site Request Forgery (CSRF) — UserHeat Plugin	5.4	Medium	2023-11-18
CVE-2023-47556	WordPress Device Theme Switcher Plugin <= 3.0.2 is vulnerable to Cross Site Request Forgery (CSRF) — Device Theme Switcher	4.3	Medium	2023-11-18
CVE-2023-47644	WordPress ProfileGrid Plugin <= 5.6.6 is vulnerable to Cross Site Request Forgery (CSRF) — ProfileGrid – User Profiles, Memberships, Groups and Communities	5.4	Medium	2023-11-18
CVE-2023-47649	WordPress Best Restaurant Menu by PriceListo Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF) — Best Restaurant Menu by PriceListo	5.4	Medium	2023-11-18
CVE-2023-47650	WordPress Add Local Avatar Plugin <= 12.1 is vulnerable to Cross Site Request Forgery (CSRF) — Add Local Avatar	6.5	Medium	2023-11-18
CVE-2023-47651	WordPress WP Links Page Plugin <= 4.9.4 is vulnerable to Cross Site Request Forgery (CSRF) — WP Links Page	4.3	Medium	2023-11-18
CVE-2023-47655	WordPress ANAC XML Bandi di Gara Plugin <= 7.5 is vulnerable to Cross Site Request Forgery (CSRF) — ANAC XML Bandi di Gara	5.4	Medium	2023-11-18
CVE-2023-47664	WordPress Plainview Protect Passwords Plugin <= 1.4 is vulnerable to Cross Site Request Forgery (CSRF) — Plainview Protect Passwords	6.5	Medium	2023-11-18
CVE-2023-47666	WordPress Code Snippets Plugin <= 3.5.0 is vulnerable to Cross Site Request Forgery (CSRF) — Code Snippets	4.3	Medium	2023-11-18
CVE-2023-47667	WordPress WP Full Stripe Free plugin <= 7.0.16 - Cross Site Request Forgery (CSRF) vulnerability on every Setting Save — WP Full Stripe Free	4.3	Medium	2023-11-18
CVE-2023-47670	WordPress Korea SNS Plugin <= 1.6.3 is vulnerable to Cross Site Request Forgery (CSRF) — Korea SNS	4.3	Medium	2023-11-18
CVE-2023-47671	WordPress Vertical scroll recent post Plugin <= 14.0 is vulnerable to Cross Site Request Forgery (CSRF) — Vertical scroll recent post	5.4	Medium	2023-11-18
CVE-2023-47672	WordPress WP Category Post List Widget Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF) — WP Category Post List Widget	4.3	Medium	2023-11-18
CVE-2023-47685	WordPress Preloader Matrix Plugin <= 2.0.1 is vulnerable to Cross Site Request Forgery (CSRF) — Preloader Matrix	5.4	Medium	2023-11-18
CVE-2023-5444	CSRF in ePO leading to privilege escalation — ePolicy Orchestrator	8.0	High	2023-11-17
CVE-2023-47686	WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.2.2 is vulnerable to Cross Site Request Forgery (CSRF) — Arigato Autoresponder and Newsletter	4.3	Medium	2023-11-16
CVE-2023-47687	WordPress Woo Custom and Sequential Order Number Plugin <= 2.6.0 is vulnerable to Cross Site Request Forgery (CSRF) — Woo Custom and Sequential Order Number	4.3	Medium	2023-11-16
CVE-2023-47688	WordPress Youtube SpeedLoad Plugin <= 0.6.3 is vulnerable to Cross Site Request Forgery (CSRF) — Youtube SpeedLoad	4.3	Medium	2023-11-16
CVE-2023-6022	Cross-Site Request Forgery (CSRF) in prefecthq/prefect — prefecthq/prefect	8.8	-	2023-11-16
CVE-2023-4690	Elementor Addon Elements <= 1.12.7 - Cross-Site Request Forgery — Addon Elements for Elementor (formerly Elementor Addon Elements)	5.4	Medium	2023-11-15
CVE-2023-4689	Elementor Addon Elements <= 1.12.7 - Cross-Site Request Forgery — Addon Elements for Elementor (formerly Elementor Addon Elements)	5.4	Medium	2023-11-15
CVE-2023-47550	WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS) — Donations Made Easy – Smart Donations	7.1	High	2023-11-14
CVE-2023-31230	WordPress Baidu Tongji generator Plugin <= 1.0.2 is vulnerable to Cross Site Request Forgery (CSRF) — Baidu Tongji generator	7.1	High	2023-11-13
CVE-2023-32123	WordPress The7 Theme <= 11.7.3 is vulnerable to Cross Site Request Forgery (CSRF) — The7	6.1	Medium	2023-11-13
CVE-2023-35877	WordPress Extra User Details Plugin <= 0.5 is vulnerable to Cross Site Request Forgery (CSRF) — Extra User Details	7.1	Medium	2023-11-13
CVE-2023-39166	WordPress tagDiv Composer Plugin < 4.4 is vulnerable to Cross Site Request Forgery (CSRF) — tagDiv Composer	7.1	High	2023-11-13
CVE-2023-40335	WordPress Cleverwise Daily Quotes Plugin <= 3.2 is vulnerable to Cross Site Scripting (XSS) — Cleverwise Daily Quotes	7.1	High	2023-11-13
CVE-2023-46092	WordPress Webmaster Tools Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF) — Webmaster Tools	7.1	Medium	2023-11-13
CVE-2023-46201	WordPress Auto Login New User After Registration Plugin <= 1.9.6 is vulnerable to Cross Site Request Forgery (CSRF) — Auto Login New User After Registration	7.1	Medium	2023-11-13

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4754 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4754