Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-3407 Subscribe2 <= 10.40 - Cross-Site Request Forgery — Subscribe2 – Form, Email Subscribers & Newsletters 4.3 Medium2023-06-28
CVE-2023-3427 Salon Booking System <= 8.4.6 - Cross-Site Request Forgery to Admin Role Change to Customer, User Meta Update via save_customer — Salon Booking System – Free Version 5.4 Medium2023-06-28
CVE-2023-3411 Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Image Map Pro – Drag-and-drop Builder for Interactive Images – Lite 6.1 Medium2023-06-27
CVE-2023-1722 Yoga Class Registration System 1.0 - ATO — Yoga Class Registration System 9.1 Critical2023-06-24
CVE-2023-34028 WordPress WOLF Plugin <= 1.0.7 is vulnerable to Cross Site Request Forgery (CSRF) — WOLF – WordPress Posts Bulk Editor and Manager Professional 4.3 Medium2023-06-22
CVE-2023-32960 WordPress UpdraftPlus Plugin <= 1.23.3 is vulnerable to Cross Site Request Forgery (CSRF) — UpdraftPlus WordPress Backup Plugin 7.1 High2023-06-22
CVE-2023-35917 WordPress WooCommerce PayPal Payments Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF) — WooCommerce PayPal Payments 4.3 Medium2023-06-22
CVE-2023-23795 WordPress Form Builder Plugin <= 1.9.9.0 is vulnerable to Cross Site Request Forgery (CSRF) — Form Builder 7.1 High2023-06-22
CVE-2022-3372 Cross-Site Request Forgery (CSRF) in Riello UPS Netman-204 — Netman-204 8.8 High2023-06-21
CVE-2023-2533 PaperCut MF/NG 22.0.10 (Build 65996 2023-03-27) - Remote code execution via CSRF — PaperCut NG/MF 8.4 High2023-06-20
CVE-2023-34373 WordPress Zephyr Project Manager Plugin <= 3.3.93 is vulnerable to Cross Site Request Forgery (CSRF) — Zephyr Project Manager 5.4 Medium2023-06-19
CVE-2023-25055 WordPress Google XML Sitemap for Videos Plugin <= 2.6.1 is vulnerable to Cross Site Request Forgery (CSRF) — Google XML Sitemap for Videos 4.3 Medium2023-06-15
CVE-2023-27634 WordPress Intrepidity Theme <= 1.5.1 is vulnerable to Cross Site Request Forgery (CSRF) — Intrepidity 8.8 High2023-06-15
CVE-2023-25450 WordPress GiveWP Plugin <= 2.25.1 is vulnerable to Cross Site Request Forgery (CSRF) — GiveWP – Donation Plugin and Fundraising Platform 5.4 Medium2023-06-15
CVE-2023-23802 WordPress HT Easy GA4 ( Google Analytics 4 ) Plugin <= 1.0.6 is vulnerable to Cross Site Request Forgery (CSRF) — HT Easy GA4 ( Google Analytics 4 ) 4.3 Medium2023-06-15
CVE-2023-25449 WordPress CformsII Plugin <=15.0.4 is vulnerable to Cross Site Request Forgery (CSRF) — cformsII 4.3 Medium2023-06-15
CVE-2023-35030 Liferay Portal 跨站请求伪造漏洞 — Portal 8.8 High2023-06-15
CVE-2023-3201 MStore API <= 3.9.6 - Cross-Site Request Forgery to Order Title Update — MStore API – Create Native Android & iOS Apps On The Cloud 4.3 Medium2023-06-14
CVE-2023-3198 MStore API <= 3.9.6 - Cross-Site Request Forgery to Order Status Update — MStore API – Create Native Android & iOS Apps On The Cloud 4.3 Medium2023-06-14
CVE-2023-3203 MStore API <= 3.9.6 - Cross-Site Request Forgery to Product Limit Update — MStore API – Create Native Android & iOS Apps On The Cloud 4.3 Medium2023-06-14
CVE-2023-3200 MStore API <= 3.9.6 - Cross-Site Request Forgery to Order Message Update — MStore API – Create Native Android & iOS Apps On The Cloud 4.3 Medium2023-06-14
CVE-2022-42880 WordPress Auto Upload Images Plugin <= 3.3 is vulnerable to Cross Site Request Forgery (CSRF) — Auto Upload Images 6.1 Medium2023-06-13
CVE-2023-30901 Siemens POWER METER SICAM 跨站请求伪造漏洞 — SICAM P850 4.3 Medium2023-06-13
CVE-2023-2563 WordPress Contact Forms by Cimatti <= 1.5.7 - Cross-Site Request Forgery via _accua_forms_form_edit_action — Contact Forms by Cimatti 4.3 Medium2023-06-13
CVE-2023-2277 WP Directory Kit <= 1.1.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting via wdk_resultitem — WP Directory Kit 6.1 Medium2023-06-13
CVE-2023-2286 WP Activity Log <= 4.5.0 - Cross-Site Request Forgery via ajax_run_cleanup — WP Activity Log 4.3 Medium2023-06-09
CVE-2023-2285 WP Activity Log Premium <= 4.5.0 - Cross-Site Request Forgery via ajax_switch_db — WP Activity Log Premium 4.3 Medium2023-06-09
CVE-2023-2892 WP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_bulk_delete_product — Shopping Cart & eCommerce Store 6.5 Medium2023-06-09
CVE-2023-2894 WP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_bulk_deactivate_product — Shopping Cart & eCommerce Store 4.3 Medium2023-06-09
CVE-2023-2893 WP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_deactivate_product — Shopping Cart & eCommerce Store 4.3 Medium2023-06-09

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.