CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-46862	WordPress Quiz And Survey Master Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF) — Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress	4.3	Medium	2023-02-14
CVE-2023-24377	WordPress Ecwid Shopping Cart Plugin <= 6.11.3 is vulnerable to Cross Site Request Forgery (CSRF) — Ecwid Ecommerce Shopping Cart	4.3	Medium	2023-02-14
CVE-2023-25065	WordPress WP Tabs Plugin <= 2.1.14 is vulnerable to Cross Site Request Forgery (CSRF) — WP Tabs – Responsive Tabs Plugin for WordPress	5.4	Medium	2023-02-14
CVE-2023-25066	WordPress FV Flowplayer Video Player Plugin <= 7.5.30.7212 is vulnerable to Cross Site Request Forgery (CSRF) — FV Flowplayer Video Player	4.3	Medium	2023-02-14
CVE-2022-43469	WordPress Corona Virus (COVID-19) Banner & Live Data Plugin <= 1.7.0.6 is vulnerable to Cross Site Request Forgery (CSRF) — Corona Virus (COVID-19) Banner & Live Data	5.4	Medium	2023-02-14
CVE-2022-41134	WordPress Optinly Plugin <= 1.0.15 is vulnerable to Cross Site Request Forgery (CSRF) — Optinly – Exit Intent, Newsletter Popups, Gamification & Opt-in Forms	5.4	Medium	2023-02-13
CVE-2022-34448	Dell PowerPath Management Appliance 跨站请求伪造漏洞 — PowerPath Management Appliance	8.8	High	2023-02-10
CVE-2022-41620	WordPress SeoSamba for WordPress Webmasters Plugin <= 1.0.5 is vulnerable to Cross Site Request Forgery (CSRF) — SeoSamba for WordPress Webmasters	5.4	Medium	2023-02-08
CVE-2023-0726	Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_edit_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types	5.4	Medium	2023-02-08
CVE-2023-0722	Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_save_state — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types	5.4	Medium	2023-02-08
CVE-2023-0725	Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_clone_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types	5.4	Medium	2023-02-08
CVE-2023-0724	Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_add_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types	5.4	Medium	2023-02-08
CVE-2023-0685	Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_unassign_folders — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types	5.4	Medium	2023-02-08
CVE-2023-0723	Wicked Folders <= 2.18.16 - Cross-Site Request Forgery on ajax_move_object — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types	5.4	Medium	2023-02-07
CVE-2023-0730	Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_save_folder_order — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types	5.4	Medium	2023-02-07
CVE-2023-0727	Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_delete_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types	5.4	Medium	2023-02-07
CVE-2023-0728	Wicked Folders <= 2.18.16 - Cross-Site Request Forgery on ajax_save_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post Types	5.4	Medium	2023-02-07
CVE-2023-0735	Cross-Site Request Forgery (CSRF) in wallabag/wallabag — wallabag/wallabag	6.5	-	2023-02-07
CVE-2022-2933	0mk Shortener <= 0.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting — 0mk Shortener	5.4	Medium	2023-02-06
CVE-2022-27628	WordPress WZone – Lite Version Plugin <= 3.1 Lite is vulnerable to Cross Site Request Forgery (CSRF) — WZone – Lite Version	4.7	Medium	2023-02-06
CVE-2023-0674	XXL-JOB New Password updatePwd cross-site request forgery — XXL-JOB	4.3	Medium	2023-02-04
CVE-2022-46842	WordPress JS Help Desk plugin <= 2.7.1 is vulnerable to Cross Site Request Forgery (CSRF) — JS Help Desk	5.4	Medium	2023-02-02
CVE-2022-46815	WordPress Conditional Shipping for WooCommerce Plugin <= 2.3.1 is vulnerable to Cross Site Request Forgery (CSRF) — Conditional Shipping for WooCommerce	5.4	Medium	2023-02-02
CVE-2022-45807	WordPress WP Mail Log Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF) — WP Mail Log	5.4	Medium	2023-02-02
CVE-2022-45067	WordPress Exclusive Addons Elementor Plugin <= 2.6.1 is vulnerable to Cross Site Request Forgery (CSRF) — Exclusive Addons for Elementor	4.3	Medium	2023-02-02
CVE-2022-40692	WordPress Sunshine Photo Cart Plugin <= 2.9.13 is vulnerable to Cross Site Request Forgery (CSRF) — Sunshine Photo Cart	5.4	Medium	2023-02-02
CVE-2022-44585	WordPress Homepage Pop-up Plugin <= 1.2.5 is vulnerable to Cross Site Request Forgery (CSRF) — Homepage Pop-up	5.4	Medium	2023-02-02
CVE-2022-36401	WordPress TeraWallet – For WooCommerce Plugin <= 1.3.24 is vulnerable to Cross Site Request Forgery (CSRF) — TeraWallet – For WooCommerce	5.4	Medium	2023-02-02
CVE-2023-0642	Cross-Site Request Forgery (CSRF) in squidex/squidex — squidex/squidex	6.5	-	2023-02-02
CVE-2022-32516	Schneider Electric Conext ComBox 跨站请求伪造漏洞 — Conext™ ComBox	7.5	High	2023-01-30

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751