CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4756

4756 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-47237	WordPress WP Google My Business Auto Publish Plugin <= 3.7 is vulnerable to Cross Site Request Forgery (CSRF) — Auto Publish for Google My Business	5.4	Medium	2023-11-09
CVE-2023-46614	WordPress WP Helper Premium Plugin <= 4.5.1 is vulnerable to Cross Site Request Forgery (CSRF) — WP Helper Premium	5.4	Medium	2023-11-09
CVE-2023-34386	WordPress WPC Smart Wishlist for WooCommerce Plugin <= 4.7.1 is vulnerable to Cross Site Request Forgery (CSRF) — WPC Smart Wishlist for WooCommerce	4.3	Medium	2023-11-09
CVE-2023-31087	WordPress JS Job Manager Plugin <=2.0.0 is vulnerable to Cross Site Request Forgery (CSRF) — JS Job Manager	5.4	Medium	2023-11-09
CVE-2023-34002	WordPress WP Inventory Manager Plugin <= 2.1.0.13 is vulnerable to Cross Site Request Forgery (CSRF) — WP Inventory Manager	5.4	Medium	2023-11-09
CVE-2023-25975	WordPress Etsy Shop Plugin <= 3.0.3 is vulnerable to Cross Site Request Forgery (CSRF) — Etsy Shop	5.4	Medium	2023-11-09
CVE-2023-25994	WordPress Publish to Schedule Plugin <= 4.4.2 is vulnerable to Cross Site Request Forgery (CSRF) — Publish to Schedule	5.4	Medium	2023-11-09
CVE-2023-5982	UpdraftPlus <= 1.23.10 - Cross-Site Request Forgery to Google Drive Storage Update — UpdraftPlus: WP Backup & Migration Plugin	5.4	Medium	2023-11-07
CVE-2023-5818	Amazonify <= 0.8.1 - Cross-Site Request Forgery to Amazon Tracking ID Update — Amazonify	4.3	Medium	2023-11-07
CVE-2023-32966	WordPress Jazz Popups Plugin <= 1.8.7 is vulnerable to Cross Site Request Forgery (CSRF) leading to Stored XSS — Jazz Popups	5.4	Medium	2023-11-07
CVE-2022-47181	WordPress Email Templates Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF) — Email Templates Customizer and Designer for WordPress and WooCommerce	4.3	Medium	2023-11-07
CVE-2023-5532	ImageMapper <= 1.2.6 - Cross-Site Request Forgery to Stored Cross-Site Scripting via imgmap_save_area_title — ImageMapper	6.1	Medium	2023-11-07
CVE-2023-5975	ImageMapper <= 1.2.6 - Cross-Site Request Forgery to Plugin Settings Change via ajax — ImageMapper	4.3	Medium	2023-11-07
CVE-2023-47186	WordPress Kadence WooCommerce Email Designer Plugin <= 1.5.11 is vulnerable to Cross Site Request Forgery (CSRF) — Kadence WooCommerce Email Designer	4.3	Medium	2023-11-06
CVE-2023-5823	WordPress TK Google Fonts GDPR Compliant Plugin <= 2.2.11 is vulnerable to Cross Site Request Forgery (CSRF) — TK Google Fonts GDPR Compliant	4.3	Medium	2023-11-06
CVE-2023-46781	WordPress Current Menu Item for Custom Post Types Plugin <= 1.5 is vulnerable to Cross Site Request Forgery (CSRF) — Current Menu Item for Custom Post Types	4.3	Medium	2023-11-06
CVE-2023-46780	WordPress Alter Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF) — Alter	4.3	Medium	2023-11-06
CVE-2023-46779	WordPress EasyRecipe Plugin <= 3.5.3251 is vulnerable to Cross Site Request Forgery (CSRF) — EasyRecipe	5.4	Medium	2023-11-06
CVE-2023-46778	WordPress Auto Limit Posts Reloaded Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF) — Auto Limit Posts Reloaded	4.3	Medium	2023-11-06
CVE-2023-46777	WordPress Feather Login Page Plugin <= 1.1.3 is vulnerable to Cross Site Request Forgery (CSRF) — Custom Login Page \| Temporary Users \| Rebrand Login \| Login Captcha	5.4	Medium	2023-11-06
CVE-2023-46776	WordPress Auto Excerpt everywhere Plugin <= 1.5 is vulnerable to Cross Site Request Forgery (CSRF) — Auto Excerpt everywhere	4.3	Medium	2023-11-06
CVE-2023-46775	WordPress Original texts Yandex WebMaster Plugin <= 1.18 is vulnerable to Cross Site Request Forgery (CSRF) — Original texts Yandex WebMaster	4.3	Medium	2023-11-06
CVE-2023-47182	WordPress Login Screen Manager Plugin <= 3.5.2 is vulnerable to Cross Site Scripting (XSS) — Login Screen Manager	7.1	High	2023-11-06
CVE-2023-42027	IBM CICS TX cross-site request forgery — CICS TX Standard	4.3	Medium	2023-11-02
CVE-2023-5900	Cross-Site Request Forgery in pkp/pkp-lib — pkp/pkp-lib	3.5	Low	2023-11-01
CVE-2023-5898	Cross-Site Request Forgery (CSRF) in pkp/pkp-lib — pkp/pkp-lib	8.1	-	2023-11-01
CVE-2023-5897	Cross-Site Request Forgery (CSRF) in pkp/customLocale — pkp/customLocale	8.1	-	2023-11-01
CVE-2023-5902	Cross-Site Request Forgery (CSRF) in pkp/pkp-lib — pkp/pkp-lib	8.1	-	2023-11-01
CVE-2023-5899	Cross-Site Request Forgery (CSRF) in pkp/pkp-lib — pkp/pkp-lib	8.1	-	2023-11-01
CVE-2023-5893	Cross-Site Request Forgery (CSRF) in pkp/pkp-lib — pkp/pkp-lib	8.1	-	2023-11-01

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4756 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4756