CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4754

4754 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-4868 | SourceCodester Contact Manager App add.php cross-site request forgery — Contact Manager App | 4.3 | Medium | 2023-09-10 |
| CVE-2023-4865 | SourceCodester Take-Note App cross-site request forgery — Take-Note App | 4.3 | Medium | 2023-09-09 |
| CVE-2023-39372 | StarTrinity Softswitch version 2023-02-16 - multiple CSRF (CWE-352) — Softswitch | 8.1 | High | 2023-09-03 |
| CVE-2023-31174 | Cross-Site Request Forgery (CSRF) — SEL-5037 SEL Grid Configurator | 7.4 | High | 2023-08-31 |
| CVE-2023-3764 | WooCommerce PDF Invoice Builder <= 1.2.90 - Cross-Site Request Forgery via Save — PDF Builder for WooCommerce. Create invoices,packing slips and more | 4.3 | Medium | 2023-08-31 |
| CVE-2023-2352 | CHP Ads Block Detector <= 3.9.4 - Cross-Site Request Forgery via chp_abd_action — CHP Ads Block Detector | 4.3 | Medium | 2023-08-31 |
| CVE-2023-2279 | WP Directory Kit <= 1.2.1 - Cross-Site Request Forgery to Plugin Settings Change/Delete, Demo Import, Directory Kit Modification/Deletion via admin_page_display — WP Directory Kit | 5.4 | Medium | 2023-08-31 |
| CVE-2023-4000 | Waiting: One-click countdowns <= 0.6.2 - Cross-Site Request Forgery — Waiting: One-click countdowns | 6.3 | Medium | 2023-08-31 |
| CVE-2023-4161 | WooCommerce PDF Invoice Builder <= 1.2.90 - Cross-Site Request Forgery to Custom Field Creation — PDF Builder for WooCommerce. Create invoices,packing slips and more | 4.3 | Medium | 2023-08-31 |
| CVE-2023-23473 | IBM InfoSphere Information Server cross-site request forgery — InfoSphere Information Server | 5.3 | Medium | 2023-08-28 |
| CVE-2023-40572 | XWiki Platform vulnerable to CSRF privilege escalation/RCE via the create action — xwiki-platform | 9.1 | Critical | 2023-08-24 |
| CVE-2023-4301 | CSRF vulnerability in Fortify Plugin allow capturing credentials — Jenkins Fortify Plugin | 4.2 | Medium | 2023-08-21 |
| CVE-2023-4455 | Cross-Site Request Forgery (CSRF) in wallabag/wallabag — wallabag/wallabag | 6.5 | - | 2023-08-21 |
| CVE-2023-4454 | Cross-Site Request Forgery (CSRF) in wallabag/wallabag — wallabag/wallabag | 6.5 | - | 2023-08-21 |
| CVE-2023-40172 | Cross-Site Request Forgery (CSRF) in fobybus/social-media-skeleton — social-media-skeleton | 6.5 | Medium | 2023-08-18 |
| CVE-2023-31218 | WordPress WOLF Plugin <= 1.0.6 is vulnerable to CSRF leading to Stored Cross Site Scripting (XSS) vulnerability — WOLF – WordPress Posts Bulk Editor and Manager Professional | 7.1 | High | 2023-08-18 |
| CVE-2023-20221 | Cisco IP Phone cross-site request forgery vulnerability — Cisco IP Phones with Multiplatform Firmware | 6.5 | Medium | 2023-08-16 |
| CVE-2023-4276 | Absolute Privacy <= 2.1 - Cross-Site Request Forgery to User Email/Password Change — Absolute Privacy | 8.8 | High | 2023-08-10 |
| CVE-2023-4277 | Realia <= 1.4.0 - Cross-Site Request Forgery to User Email Change — Realia | 8.8 | High | 2023-08-10 |
| CVE-2023-3977 | Inisev Plugins (Various Versions) - Cross-Site Request Forgery on handle_installation function — Redirection | 4.3 | Medium | 2023-07-28 |
| CVE-2023-38512 | WordPress WpStream plugin <= 4.5.4 - Cross Site Request Forgery (CSRF) vulnerability — WpStream | 5.4 | Medium | 2023-07-27 |
| CVE-2023-3414 | Cross-Site Request Forgery (CSRF) in Jenkins Plug-in for ServiceNow DevOps — Jenkins plug-in for ServiceNow DevOps | 6.1 | Medium | 2023-07-26 |
| CVE-2023-3841 | NxFilter user.jsp cross-site request forgery — NxFilter | 4.3 | Medium | 2023-07-23 |
| CVE-2023-37892 | WordPress Shortcode IMDB Plugin <= 6.0.8 is vulnerable to Cross Site Request Forgery (CSRF) — Shortcode IMDB | 4.3 | Medium | 2023-07-18 |
| CVE-2023-37973 | WordPress Replace Word Plugin <= 2.1 is vulnerable to Cross Site Request Forgery (CSRF) — Replace Word | 5.4 | Medium | 2023-07-18 |
| CVE-2023-37889 | WordPress WPAdmin AWS CDN Plugin <= 2.0.13 is vulnerable to Cross Site Request Forgery (CSRF) — WPAdmin AWS CDN | 4.3 | Medium | 2023-07-18 |
| CVE-2023-25036 | WordPress Social Media Icons Widget Plugin <= 1.6 is vulnerable to Cross Site Request Forgery (CSRF) — Social Media Icons Widget | 4.3 | Medium | 2023-07-18 |
| CVE-2023-37387 | WordPress Classified Listing Plugin <= 2.4.5 is vulnerable to Cross Site Request Forgery (CSRF) — Classified Listing | 5.4 | Medium | 2023-07-18 |
| CVE-2022-47169 | WordPress Visibility Logic for Elementor Plugin <= 2.3.4 is vulnerable to Cross Site Request Forgery (CSRF) — Visibility Logic for Elementor | 4.3 | Medium | 2023-07-18 |
| CVE-2023-37386 | WordPress Media Library Helper by Codexin Plugin <= 1.2.0 is vulnerable to Cross Site Request Forgery (CSRF) — Media Library Helper | 5.4 | Medium | 2023-07-18 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) represent 4754 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.