CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-2307	Cross-Site Request Forgery (CSRF) in builderio/qwik — builderio/qwik	4.7	Medium	2023-04-26
CVE-2022-40724	Cross-Site Request Forgery on PingFederate Local Identity Profiles Endpoint. — PingFederate	6.4	Medium	2023-04-25
CVE-2023-22686	WordPress Nice PayPal Button Lite Plugin <= 1.3.5 is vulnerable to Cross Site Request Forgery (CSRF) — Nice PayPal Button Lite	5.4	Medium	2023-04-23
CVE-2023-23879	WordPress PHP Execution Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF) — PHP Execution	4.3	Medium	2023-04-23
CVE-2022-45080	WordPress Add Multiple Marker Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF) — Add Multiple Marker	5.4	Medium	2023-04-23
CVE-2022-45074	WordPress Activity Reactions For Buddypress Plugin <= 1.0.22 is vulnerable to Cross Site Request Forgery (CSRF) — Activity Reactions For Buddypress	4.3	Medium	2023-04-23
CVE-2022-4944	kalcaddle KodExplorer cross-site request forgery — KodExplorer	4.3	Medium	2023-04-22
CVE-2023-2228	Cross-Site Request Forgery (CSRF) in modoboa/modoboa — modoboa/modoboa	6.5	-	2023-04-21
CVE-2023-30616	Cross Site Request Forgery due to missing nonce verification in form block — form-block	6.5	Medium	2023-04-20
CVE-2023-27495	Bypass of CSRF protection in the presence of predictable userInfo in @fastify/csrf-protection — csrf-protection	5.3	Medium	2023-04-20
CVE-2023-30474	WordPress Ultimate Noindex Nofollow Tool II Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF) — Ultimate Noindex Nofollow Tool II	4.3	Medium	2023-04-16
CVE-2012-10012	BestWebSoft Facebook Like Button facebook-button-plugin.php fcbk_bttn_plgn_settings_page cross-site request forgery — Facebook Like Button	4.3	Medium	2023-04-09
CVE-2012-10010	BestWebSoft Contact Form contact_form.php cntctfrm_settings_page cross-site request forgery — Contact Form	4.3	Medium	2023-04-09
CVE-2013-10025	Exit Strategy Plugin exitpage.php exitpageadmin cross-site request forgery — Exit Strategy Plugin	4.3	Medium	2023-04-08
CVE-2023-1937	zhenfeng13 My-Blog userInfo cross-site request forgery — My-Blog	4.3	Medium	2023-04-07
CVE-2023-1927	WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'deleteCssAndJsCacheToolbar' — WP Fastest Cache – WordPress Cache Plugin	4.3	Medium	2023-04-06
CVE-2023-1926	WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'deleteCacheToolbar' — WP Fastest Cache – WordPress Cache Plugin	4.3	Medium	2023-04-06
CVE-2023-1925	WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_clear_cache_of_allsites_callback' — WP Fastest Cache – WordPress Cache Plugin	4.3	Medium	2023-04-06
CVE-2023-1924	WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_toolbar_save_settings_callback' — WP Fastest Cache – WordPress Cache Plugin	4.3	Medium	2023-04-06
CVE-2023-1923	WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_remove_cdn_integration_ajax_request_callback' — WP Fastest Cache – WordPress Cache Plugin	4.3	Medium	2023-04-06
CVE-2023-1922	WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_pause_cdn_integration_ajax_request_callback' — WP Fastest Cache – WordPress Cache Plugin	4.3	Medium	2023-04-06
CVE-2023-1921	WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_start_cdn_integration_ajax_request_callback' — WP Fastest Cache – WordPress Cache Plugin	4.3	Medium	2023-04-06
CVE-2023-1920	WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_purgecache_varnish_callback' — WP Fastest Cache – WordPress Cache Plugin	4.3	Medium	2023-04-06
CVE-2023-1919	WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_preload_single_save_settings_callback' — WP Fastest Cache – WordPress Cache Plugin	4.3	Medium	2023-04-06
CVE-2023-1918	WP Fastest Cache <= 1.1.2 - Cross-Site Request Forgery via 'wpfc_preload_single_callback' — WP Fastest Cache – WordPress Cache Plugin	4.3	Medium	2023-04-06
CVE-2022-46793	WordPress Product Feed PRO for WooCommerce Plugin <= 12.4.4 is vulnerable to Cross Site Request Forgery (CSRF) — Product Feed PRO for WooCommerce	5.4	Medium	2023-04-06
CVE-2023-23801	WordPress Really Simple Google Tag Manager Plugin <= 1.0.6 is vulnerable to Cross Site Request Forgery (CSRF) — Really Simple Google Tag Manager	4.3	Medium	2023-04-06
CVE-2022-4941	WCFM Membership <= 2.9.10 - Cross-Site Request Forgery — WCFM Membership – WooCommerce Memberships for Multivendor Marketplace	6.3	Medium	2023-04-05
CVE-2022-4938	WCFM Frontend Manager <= 6.5.13 - Cross-Site Request Forgery — WCFM – Frontend Manager for WooCommerce	6.3	Medium	2023-04-05
CVE-2022-4936	WCFM Marketplace <= 3.4.12 - Cross-Site Request Forgery — WCFM Marketplace – Multivendor Marketplace for WooCommerce	6.3	Medium	2023-04-05

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753