CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-2896	WP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_duplicate_product — Shopping Cart & eCommerce Store	4.3	Medium	2023-06-09
CVE-2023-2895	WP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_bulk_activate_product — Shopping Cart & eCommerce Store	4.3	Medium	2023-06-09
CVE-2023-2087	Essential Blocks <= 4.0.6 - Cross-Site Request Forgery via save — Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns	4.3	Medium	2023-06-09
CVE-2023-0292	Quiz And Survey Master <= 8.0.8 - Cross-Site Request Forgery to Arbitrary Media Deletion — Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker	5.4	Medium	2023-06-09
CVE-2023-1807	Elementor Addons, Widgets and Enhancements – Stax <= 1.4.3 - Cross-Site Request Forgery via toggle_widget — Stax Addons for Elementor	4.3	Medium	2023-06-09
CVE-2023-2891	WP EasyCart <= 5.4.8 - Cross-Site Request Forgery via process_delete_product — Shopping Cart & eCommerce Store	6.5	Medium	2023-06-09
CVE-2023-2067	Announcement & Notification Banner – Bulletin <= 3.7.0 - Cross-Site Request Forgery — Announcement & Notification Banner – Bulletin	6.3	Medium	2023-06-09
CVE-2023-0729	Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_save_sort_order — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types	5.4	Medium	2023-06-09
CVE-2023-2599	Active Directory Integration / LDAP Integration <= 4.1.4 - Cross-Site Request Forgery to SQL Injection — Active Directory Integration / LDAP Integration	3.1	Low	2023-06-09
CVE-2023-2526	Easy Google Maps <= 1.11.7 - Cross-Site Request Forgery via AJAX action — Easy Google Maps	5.4	Medium	2023-06-09
CVE-2023-0832	Under Construction <= 3.96 - Cross-Site Request Forgery via admin_action_install_weglot — Under Construction	4.3	Medium	2023-06-09
CVE-2023-0831	Under Construction <= 3.96 - Cross-Site Request Forgery via admin_action_ucp_dismiss_notice — Under Construction	4.3	Medium	2023-06-09
CVE-2023-31200	PTC Vuforia Studio Cross-Site Request Forgery — Vuforia Studio	5.7	Medium	2023-06-07
CVE-2020-36717	Kali Forms <= 2.1.1 - Cross-Site Request Forgery — Kali Forms — Contact Form & Drag-and-Drop Builder	8.8	High	2023-06-07
CVE-2020-36707	Coming Soon & Maintenance Mode Page <= 1.57 - Cross-Site Request Forgery — Coming Soon & Maintenance Mode Page & Under Construction	8.8	High	2023-06-07
CVE-2021-4349	Process Steps Template Designer <= 1.2.1 - Cross-Site Request Forgery — Process Steps Template Designer	8.8	High	2023-06-07
CVE-2015-10116	RealFaviconGenerator Favicon Plugin class-favicon-by-realfavicongenerator-admin.php install_new_favicon cross-site request forgery — Favicon Plugin	4.3	Medium	2023-06-06
CVE-2013-10029	Exit Box Lite Plugin wordpress-exit-box-lite.php exitboxadmin cross-site request forgery — Exit Box Lite Plugin	4.3	Medium	2023-06-05
CVE-2013-10027	Blogger Importer Plugin blogger-importer.php restart cross-site request forgery — Blogger Importer Plugin	4.3	Medium	2023-06-04
CVE-2023-2416	Online Booking & Scheduling Calendar for WordPress by vcita <= 4.5 - Cross-Site Request Forgery to Account Logout — Online Booking & Scheduling Calendar for WordPress by vcita	5.4	Medium	2023-06-03
CVE-2023-2301	Contact Form Builder by vcita <= 4.10.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Contact Form Builder by vcita	6.1	Medium	2023-06-03
CVE-2023-2303	Contact Form and Calls To Action by vcita <= 4.10.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Contact Form Builder by vcita	6.1	Medium	2023-06-03
CVE-2023-2407	Event Registration Calendar By vcita <= 1.3.1 & Online Payments – Get Paid with PayPal, Square & Stripe <= 3.10.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Event Registration Calendar By vcita	6.1	Medium	2023-06-03
CVE-2023-2405	CRM and Lead Management by vcita <= 2.7.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting — CRM and Lead Management by vcita	6.1	Medium	2023-06-03
CVE-2023-3055	Page Builder by AZEXO <= 1.27.133 - Cross-Site Request Forgery to Stored Cross-Site Scripting via azh_save — Page Builder with Image Map by AZEXO	6.1	Medium	2023-06-02
CVE-2023-3052	Page Builder by AZEXO <= 1.27.133 - Cross-Site Request Forgery to Post Creation/Modification/Deletion — Page Builder with Image Map by AZEXO	6.3	Medium	2023-06-02
CVE-2023-3075	Cross-Site Request Forgery (CSRF) in tsolucio/corebos — tsolucio/corebos	8.1	-	2023-06-02
CVE-2015-10109	Video Playlist and Gallery Plugin wp-media-cincopa.php cross-site request forgery — Video Playlist and Gallery Plugin	4.3	Medium	2023-06-01
CVE-2023-3029	Guangdong Pythagorean OA Office System delete cross-site request forgery — Pythagorean OA Office System	4.3	Medium	2023-06-01
CVE-2015-10108	meitar Inline Google Spreadsheet Viewer Plugin inline-gdocs-viewer.php displayShortcode cross-site request forgery — Inline Google Spreadsheet Viewer Plugin	4.3	Medium	2023-05-31

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753