CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2019-25254	KYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery via User Administration — KYOCERA Net Admin	8.8	High	2025-12-24
CVE-2019-25252	Teradek VidiU Pro 3.0.3 Cross-Site Request Forgery via Password Change — VidiU Pro	4.3	Medium	2025-12-24
CVE-2019-25250	Devolo dLAN 500 AV Wireless+ 3.1.0-1 Cross-Site Request Forgery — dLAN 550 duo+ Starter Kit	5.3	Medium	2025-12-24
CVE-2019-25247	Beward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Vulnerability — N100 H.264 VGA IP Camera	5.3	Medium	2025-12-24
CVE-2019-25242	FaceSentry Access Control System 6.4.8 Cross-Site Request Forgery via Web Interface — FaceSentry Access Control System	4.3	Medium	2025-12-24
CVE-2019-25238	V-SOL GPON/EPON OLT Platform 2.03 Cross-Site Request Forgery Vulnerability — SOL GPON/EPON OLT Platform	4.3	Medium	2025-12-24
CVE-2018-25155	Teradek Slice 7.3.15 Cross-Site Request Forgery via Password Change — Slice	4.3	Medium	2025-12-24
CVE-2018-25156	Teradek Cube 7.3.6 Cross-Site Request Forgery Password Change — Cube	4.3	Medium	2025-12-24
CVE-2018-25152	Ecessa Edge EV150 10.7.4 Cross-Site Request Forgery via User Configuration — Ecessa Edge EV150	5.3	Medium	2025-12-24
CVE-2018-25150	Ecessa ShieldLink SL175EHQ 10.7.4 Cross-Site Request Forgery via User Configuration — Ecessa ShieldLink SL175EHQ	5.3	Medium	2025-12-24
CVE-2018-25151	Ecessa WANWorx WVR-30 < 10.7.4 Cross-Site Request Forgery via User Configuration — WANWorx WVR-30	4.3	Medium	2025-12-24
CVE-2018-25149	Microhard Systems IPn4G 1.1.0 Cross-Site Request Forgery via Web Interface — Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway CSRF Vulnerabilities	6.5	Medium	2025-12-24
CVE-2018-25133	Synaccess netBooter NP-0801DU 7.4 Cross-Site Request Forgery via Admin Interface — netBooter NP-0801DU	4.3	Medium	2025-12-24
CVE-2018-25127	SOCA Access Control System 180612 Cross-Site Request Forgery via Admin Interface — SOCA Access Control System	5.3	Medium	2025-12-24
CVE-2025-68601	WordPress Five Star Restaurant Reservations plugin <= 2.7.8 - Cross Site Request Forgery (CSRF) vulnerability — Five Star Restaurant Reservations	5.4	Medium	2025-12-24
CVE-2025-68584	WordPress Vimeotheque plugin <= 2.3.5.2 - Cross Site Request Forgery (CSRF) vulnerability — Vimeotheque	4.3	Medium	2025-12-24
CVE-2025-68583	WordPress Fast User Switching plugin <= 1.4.10 - Cross Site Request Forgery (CSRF) vulnerability — Fast User Switching	4.3	Medium	2025-12-24
CVE-2025-68580	WordPress Advanced Classifieds & Directory Pro plugin <= 3.2.9 - Cross Site Request Forgery (CSRF) vulnerability — Advanced Classifieds & Directory Pro	4.3	Medium	2025-12-24
CVE-2025-68573	WordPress Simple Keyword to Link plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability — Simple Keyword to Link	5.4	Medium	2025-12-24
CVE-2025-68567	WordPress My auctions allegro plugin <= 3.6.33 - Cross Site Request Forgery (CSRF) vulnerability — My auctions allegro	5.4	Medium	2025-12-24
CVE-2025-67625	WordPress Trade Runner plugin <= 3.14 - Cross Site Request Forgery (CSRF) vulnerability — Trade Runner	4.3	Medium	2025-12-24
CVE-2025-67622	WordPress Evergreen Post Tweeter plugin <= 1.8.9 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — Evergreen Post Tweeter	7.1	High	2025-12-24
CVE-2025-68529	WordPress WP Email Capture plugin <= 3.12.5 - Cross Site Request Forgery (CSRF) vulnerability — WP Email Capture	4.3	Medium	2025-12-24
CVE-2021-47722	Zucchetti Axess CLOKI Access Control 1.64 Cross-Site Request Forgery — Zucchetti Axess CLOKI Access Control	3.5	Low	2025-12-23
CVE-2025-14163	Premium Addons for Elementor <= 4.11.53 - Cross-Site Request Forgery via 'insert_inner_template' — Premium Addons for Elementor – Powerful Elementor Templates & Widgets	4.3	Medium	2025-12-23
CVE-2023-53961	SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Cross-Site Request Forgery — Impact/Pulse/First	4.3	Medium	2025-12-22
CVE-2025-62107	WordPress Feather Login Page plugin <= 1.1.7 - Cross Site Request Forgery (CSRF) vulnerability — Feather Login Page	4.3	Medium	2025-12-22
CVE-2025-62880	WordPress Custom 404 Pro plugin <= 3.12.0 - Cross Site Request Forgery (CSRF) vulnerability — Custom 404 Pro	4.3	Medium	2025-12-22
CVE-2025-13361	Web to SugarCRM Lead <= 1.0.0 - Cross-Site Request Forgery to Custom Field Deletion — Web to SugarCRM Lead	4.3	Medium	2025-12-21
CVE-2025-13365	WP Hallo Welt <= 1.4. - Cross-Site Request Forgery to Stored Cross-Site Scripting — WP Hallo Welt	6.1	Medium	2025-12-20

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751