CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4754

4754 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-27417	WordPress Affiliate Super Assistent Plugin <= 1.5.1 is vulnerable to Cross Site Request Forgery (CSRF) — Affiliate Super Assistent	4.3	Medium	2023-11-12
CVE-2023-27418	WordPress Side Menu Lite Plugin <= 4.0 is vulnerable to Cross Site Request Forgery (CSRF) — Side Menu Lite – add sticky fixed buttons	4.3	Medium	2023-11-12
CVE-2023-27632	WordPress Daily Prayer Time Plugin <= 2023.03.08 is vulnerable to Cross Site Request Forgery (CSRF) — Daily Prayer Time	5.4	Medium	2023-11-12
CVE-2023-27623	WordPress WP Page Numbers Plugin <= 0.5 is vulnerable to Cross Site Request Forgery (CSRF) — WP Page Numbers	5.4	Medium	2023-11-12
CVE-2023-27611	WordPress Reusable Blocks Extended Plugin <= 0.9 is vulnerable to Cross Site Request Forgery (CSRF) — Reusable Blocks Extended	5.4	Medium	2023-11-12
CVE-2023-28167	WordPress CF7 Invisible reCAPTCHA Plugin <= 1.3.3 is vulnerable to Cross Site Request Forgery (CSRF) — CF7 Invisible reCAPTCHA	5.4	Medium	2023-11-12
CVE-2023-28172	WordPress WP Google Map Plugin Plugin <= 4.4.2 is vulnerable to Cross Site Request Forgery (CSRF) — WordPress Plugin for Google Maps – WP MAPS (formerly WP Google Map Plugin)	5.4	Medium	2023-11-12
CVE-2023-28173	WordPress Google XML Sitemap for Images Plugin <= 2.1.3 is vulnerable to Cross Site Request Forgery (CSRF) — Google XML Sitemap for Images	4.3	Medium	2023-11-12
CVE-2023-28419	WordPress Force First and Last Name as Display Name Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF) — Force First and Last Name as Display Name	5.4	Medium	2023-11-12
CVE-2023-28420	WordPress Custom Options Plus Plugin <= 1.8.1 is vulnerable to Cross Site Request Forgery (CSRF) — Custom Options Plus	5.4	Medium	2023-11-12
CVE-2023-28495	WordPress WP Shortcode by MyThemeShop Plugin <= 1.4.16 is vulnerable to Cross Site Request Forgery (CSRF) — WP Shortcode by MyThemeShop	4.3	Medium	2023-11-12
CVE-2023-28497	WordPress Slideshow Gallery Plugin <= 1.7.6 is vulnerable to Cross Site Request Forgery (CSRF) — Slideshow Gallery LITE	5.4	Medium	2023-11-12
CVE-2023-28498	WordPress Hotel Booking Lite Plugin <= 4.6.0 is vulnerable to Cross Site Request Forgery (CSRF) — Hotel Booking Lite	4.3	Medium	2023-11-12
CVE-2023-28618	WordPress Enhanced Plugin Admin Plugin <= 1.16 is vulnerable to Cross Site Request Forgery (CSRF) — Enhanced Plugin Admin	5.4	Medium	2023-11-12
CVE-2023-28694	WordPress Wbcom Designs – BuddyPress Activity Social Share Plugin <= 3.5.0 is vulnerable to Cross Site Request Forgery (CSRF) — Wbcom Designs – BuddyPress Activity Social Share	5.4	Medium	2023-11-12
CVE-2023-28696	WordPress I Recommend This Plugin <= 3.9.0 is vulnerable to Cross Site Request Forgery (CSRF) — I Recommend This	4.3	Medium	2023-11-12
CVE-2023-28930	WordPress Mobile Banner Plugin <= 1.5 is vulnerable to Cross Site Request Forgery (CSRF) — Mobile Banner	4.3	Medium	2023-11-12
CVE-2023-28987	WordPress Wp Ultimate Review Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF) — Wp Ultimate Review	4.3	Medium	2023-11-12
CVE-2023-29238	WordPress Whydonate – FREE Donate button Plugin <= 3.12.15 is vulnerable to Cross Site Request Forgery (CSRF) — Whydonate – FREE Donate button – Crowdfunding – Fundraising	4.3	Medium	2023-11-12
CVE-2023-29425	WordPress ShiftController Employee Shift Scheduling Plugin <= 4.9.23 is vulnerable to Cross Site Request Forgery (CSRF) — ShiftController Employee Shift Scheduling	5.4	Medium	2023-11-12
CVE-2023-29426	WordPress Spreadshop Plugin Plugin <= 1.6.5 is vulnerable to Cross Site Request Forgery (CSRF) — Spreadshop Plugin	4.3	Medium	2023-11-10
CVE-2023-29428	WordPress Superb Social Media Share Buttons and Follow Buttons Plugin <= 1.1.3 is vulnerable to Broken Access Control — Superb Social Media Share Buttons and Follow Buttons for WordPress	5.3	Medium	2023-11-10
CVE-2023-29440	WordPress Simple Job Board Plugin <= 2.10.3 is vulnerable to Cross Site Request Forgery (CSRF) — Simple Job Board	4.3	Medium	2023-11-10
CVE-2023-30478	WordPress Newsletters Plugin <= 4.8.8 is vulnerable to Cross Site Request Forgery (CSRF) — Newsletters	5.4	Medium	2023-11-10
CVE-2023-31077	WordPress Export WP Page to Static HTML/CSS Plugin <= 2.1.9 is vulnerable to Cross Site Request Forgery (CSRF) — Export WP Page to Static HTML/CSS	4.3	Medium	2023-11-10
CVE-2023-31078	WordPress WP BrowserUpdate Plugin <= 4.4.1 is vulnerable to Cross Site Request Forgery (CSRF) — WP BrowserUpdate	4.3	Medium	2023-11-10
CVE-2023-31086	WordPress Simple Giveaways Plugin <= 2.46.0 is vulnerable to Cross Site Request Forgery (CSRF) — Simple Giveaways – Grow your business, email lists and traffic with contests	5.4	Medium	2023-11-09
CVE-2023-31088	WordPress Floating Action Button Plugin <=1.2.1 is vulnerable to Cross Site Request Forgery (CSRF) — Floating Action Button	5.4	Medium	2023-11-09
CVE-2023-31093	WordPress Chronosly Events Calendar Plugin <= 2.6.2 is vulnerable to Cross Site Request Forgery (CSRF) — Chronosly Events Calendar	4.3	Medium	2023-11-09
CVE-2023-31235	WordPress Participants Database Plugin <= 2.4.9 is vulnerable to Cross Site Request Forgery (CSRF) — Participants Database	5.4	Medium	2023-11-09

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4754 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4754