CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-47443	WordPress Multi Rating Plugin <= 5.0.5 is vulnerable to Cross Site Request Forgery (CSRF) — Multi Rating	4.3	Medium	2023-03-14
CVE-2022-47154	WordPress CSS JS Manager Plugin <= 2.4.49 is vulnerable to Cross Site Request Forgery (CSRF) — CSS JS Manager, Async JavaScript, Defer Render Blocking CSS supports WooCommerce	4.3	Medium	2023-03-14
CVE-2022-47155	WordPress Slider by Supsystic Plugin <= 1.8.5 is vulnerable to Cross Site Request Forgery (CSRF) — Slider by Supsystic	4.3	Medium	2023-03-14
CVE-2022-47162	WordPress DH – Anti AdBlocker Plugin <= 36 is vulnerable to Cross Site Request Forgery (CSRF) — DH – Anti AdBlocker	4.3	Medium	2023-03-14
CVE-2022-47163	WordPress WP CSV to Database Plugin <= 2.6 is vulnerable to Cross Site Request Forgery (CSRF) — WP CSV to Database – Insert CSV file content into WordPress database	3.1	Low	2023-03-14
CVE-2023-25170	PrestaShop has possible CSRF token fixation — PrestaShop	5.0	Medium	2023-03-13
CVE-2023-25973	WordPress Auto Affiliate Links Plugin <= 6.3.0.2 is vulnerable to Cross Site Request Forgery (CSRF) — Auto Affiliate Links	5.4	Medium	2023-03-13
CVE-2023-23711	WordPress A2 Optimized WP Plugin <= 3.0.4 is vulnerable to Cross Site Request Forgery (CSRF) — A2 Optimized WP	4.3	Medium	2023-03-13
CVE-2023-22700	WordPress PixelYourSite – Your smart PIXEL (TAG) Manager Plugin <= 9.3.0 is vulnerable to Cross Site Request Forgery (CSRF) — PixelYourSite – Your smart PIXEL (TAG) Manager	4.3	Medium	2023-03-13
CVE-2023-25991	WordPress RegistrationMagic Plugin <= 5.1.9.2 is vulnerable to Cross Site Request Forgery (CSRF) — RegistrationMagic	5.4	Medium	2023-03-13
CVE-2022-47440	WordPress My Tickets Plugin <= 1.9.10 is vulnerable to Cross Site Request Forgery (CSRF) — My Tickets	4.3	Medium	2023-03-13
CVE-2022-47166	WordPress Void Contact Form 7 Widget For Elementor Page Builder Plugin <= 2.1.1 is vulnerable to Cross Site Request Forgery (CSRF) — Void Contact Form 7 Widget For Elementor Page Builder	4.3	Medium	2023-03-13
CVE-2023-1346	RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'clear_page_cache' — RapidLoad AI – Optimize Web Vitals Automatically	4.3	Medium	2023-03-10
CVE-2023-1345	RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'queue_posts' — RapidLoad AI – Optimize Web Vitals Automatically	4.3	Medium	2023-03-10
CVE-2023-1344	RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'uucss_update_rule' — RapidLoad AI – Optimize Web Vitals Automatically	4.3	Medium	2023-03-10
CVE-2023-1343	RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'attach_rule' — RapidLoad AI – Optimize Web Vitals Automatically	4.3	Medium	2023-03-10
CVE-2023-1342	RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'ucss_connect' — RapidLoad AI – Optimize Web Vitals Automatically	4.3	Medium	2023-03-10
CVE-2023-1341	RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'ajax_deactivate' — RapidLoad AI – Optimize Web Vitals Automatically	4.3	Medium	2023-03-10
CVE-2023-1340	RapidLoad Power-Up for Autoptimize <= 1.7.1 - Cross-Site Request Forgery via 'clear_uucss_logs' — RapidLoad AI – Optimize Web Vitals Automatically	4.3	Medium	2023-03-10
CVE-2021-4333	WP Statistics <= 13.1.1 - Cross-Site Request Forgery to Arbitrary Plugin Activation and Deactivation — WP Statistics – Simple, privacy-friendly Google Analytics alternative	6.5	Medium	2023-03-07
CVE-2020-36669	JetBackup – WP Backup, Migrate & Restore <= 1.3.9 - Cross-Site Request Forgery to Arbitrary File Upload — JetBackup – Backup, Restore & Migrate	8.8	High	2023-03-07
CVE-2022-47148	WordPress WooCommerce PDF Invoices & Packing Slips Plugin <= 3.2.5 is vulnerable to Cross Site Request Forgery (CSRF) — PDF Invoices & Packing Slips for WooCommerce	4.3	Medium	2023-03-01
CVE-2022-46806	WordPress Cart All In One For WooCommerce Plugin <= 1.1.10 is vulnerable to Cross Site Request Forgery (CSRF) — Cart All In One For WooCommerce	5.4	Medium	2023-03-01
CVE-2022-46805	WordPress Conditional Payments for WooCommerce Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF) — Conditional Shipping for WooCommerce	5.4	Medium	2023-03-01
CVE-2022-46798	WordPress WooLentor Plugin <= 2.5.1 is vulnerable to Cross Site Request Forgery (CSRF) — ShopLentor	5.4	Medium	2023-03-01
CVE-2022-46797	WordPress Conversios.io Plugin <= 5.2.3 is vulnerable to Cross Site Request Forgery (CSRF) — All-in-one Google Analytics, Pixels and Product Feed Manager for WooCommerce	5.4	Medium	2023-03-01
CVE-2022-45068	WordPress Mercado Pago payments for WooCommerce Plugin <= 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) — Mercado Pago payments for WooCommerce	4.3	Medium	2023-03-01
CVE-2022-45804	WordPress Robo Gallery Plugin <= 3.2.9 is vulnerable to Cross Site Request Forgery (CSRF) — Photo Gallery, Images, Slider in Rbs Image Gallery	5.4	Medium	2023-03-01
CVE-2022-40198	WordPress TeraWallet – For WooCommerce Plugin <= 1.3.24 is vulnerable to Cross Site Request Forgery (CSRF) — TeraWallet – For WooCommerce	4.3	Medium	2023-03-01
CVE-2022-38468	WordPress NextGEN Gallery Plugin <= 3.28 is vulnerable to Cross Site Request Forgery (CSRF) — WordPress Gallery Plugin – NextGEN Gallery	4.3	Medium	2023-03-01

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753