Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4754

4754 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-4924 BEAR <= 1.1.3.3 - Missing Authorization to Product Deletion — BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net 5.4 Medium2023-10-20
CVE-2023-4923 BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Deletion — BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net 5.4 Medium2023-10-20
CVE-2023-4935 BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Profile Creation — BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net 4.3 Medium2023-10-20
CVE-2023-4920 BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting — BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net 4.3 Medium2023-10-20
CVE-2023-4937 BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation — BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net 4.3 Medium2023-10-20
CVE-2023-4940 BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation — BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net 4.3 Medium2023-10-20
CVE-2023-4975 Website Builder by SeedProd <= 6.15.13.1 - Cross-Site Request Forgery to Settings Update — Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode 4.3 Medium2023-10-20
CVE-2023-4942 BEAR <= 1.1.3.3 - Cross-Site Request Forgery to Product Manipulation — BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net 4.3 Medium2023-10-20
CVE-2023-44385 Client-Side Request Forgery in Home Assistant iOS/macOS native Apps — core 8.6 High2023-10-19
CVE-2023-42435 Cross-Site Request Forgery in DEXMA DEXGate — DexGate 5.5 Medium2023-10-19
CVE-2023-3254 Widgets for Google Reviews <= 10.9 - Cross-Site Request Forgery to Plugin Settings Reset — Widgets for Google Reviews 4.3 Medium2023-10-18
CVE-2023-5626 Cross-Site Request Forgery (CSRF) in pkp/ojs — pkp/ojs 8.1 -2023-10-17
CVE-2023-45141 CSRF Token Validation Vulnerability in fiber — fiber 8.6 High2023-10-16
CVE-2023-46087 WordPress Who Hit The Page – Hit Counter Plugin <= 1.4.14.3 is vulnerable to Cross Site Request Forgery (CSRF) — Who Hit The Page – Hit Counter 4.3 Medium2023-10-16
CVE-2023-45836 WordPress Ultimate Taxonomy Manager Plugin <= 2.0 is vulnerable to Cross Site Request Forgery (CSRF) — Ultimate Taxonomy Manager 4.3 Medium2023-10-16
CVE-2023-45831 WordPress AMP WP Plugin <= 1.5.15 is vulnerable to Cross Site Request Forgery (CSRF) — AMP WP – Google AMP For WordPress 5.4 Medium2023-10-16
CVE-2023-45763 WordPress Taggbox Plugin <= 2.9 is vulnerable to Cross Site Request Forgery (CSRF) — Taggbox 5.4 Medium2023-10-16
CVE-2023-45753 WordPress which template file Plugin <= 4.6.0 is vulnerable to Cross Site Request Forgery (CSRF) — which template file 4.3 Medium2023-10-16
CVE-2023-45752 WordPress Post Gallery Plugin <= 2.3.12 is vulnerable to Cross Site Request Forgery (CSRF) — Post Gallery 4.3 Medium2023-10-16
CVE-2023-45749 WordPress AGP Font Awesome Collection Plugin <= 3.2.4 is vulnerable to Cross Site Request Forgery (CSRF) — AGP Font Awesome Collection 4.3 Medium2023-10-16
CVE-2023-45748 WordPress MailChimp Forms by MailMunch Plugin <= 3.1.4 is vulnerable to Cross Site Request Forgery (CSRF) — MailChimp Forms by MailMunch 4.3 Medium2023-10-16
CVE-2023-45647 WordPress Constant Contact Forms by MailMunch Plugin <= 2.0.10 is vulnerable to Cross Site Request Forgery (CSRF) — Constant Contact Forms by MailMunch 5.4 Medium2023-10-16
CVE-2023-45645 WordPress WP Open Street Map Plugin <= 1.25 is vulnerable to Cross Site Request Forgery (CSRF) — WP Open Street Map 5.4 Medium2023-10-16
CVE-2023-45643 WordPress CPT Shortcode Generator Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF) — CPT Shortcode Generator 4.3 Medium2023-10-16
CVE-2023-45642 WordPress Snap Pixel Plugin <= 1.5.7 is vulnerable to Cross Site Request Forgery (CSRF) — Snap Pixel 5.4 Medium2023-10-16
CVE-2023-45641 WordPress Caret Country Access Limit Plugin <= 1.0.2 is vulnerable to Cross Site Request Forgery (CSRF) — Caret Country Access Limit 5.4 Medium2023-10-16
CVE-2023-45639 WordPress Sort SearchResult By Title Plugin <= 10.0 is vulnerable to Cross Site Request Forgery (CSRF) — Sort SearchResult By Title 4.3 Medium2023-10-16
CVE-2023-45638 WordPress Eupago Gateway For Woocommerce Plugin <= 3.1.9 is vulnerable to Cross Site Request Forgery (CSRF) — Eupago Gateway For Woocommerce 6.5 Medium2023-10-16
CVE-2023-45656 WordPress Lazy Load for Videos Plugin <= 2.18.2 is vulnerable to Cross Site Request Forgery (CSRF) — Lazy Load for Videos 5.4 Medium2023-10-16
CVE-2023-45655 WordPress PixFields Plugin <= 0.7.0 is vulnerable to Cross Site Request Forgery (CSRF) — PixFields 4.3 Medium2023-10-16

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4754 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.