CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-45073	WordPress REST API Authentication plugin <= 2.4.0 - Cross-Site Request Forgery (CSRF) vulnerability — WordPress REST API Authentication (WordPress plugin)	5.4	Medium	2022-11-18
CVE-2022-38075	WordPress Mantenimiento web plugin <= 0.13 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) — Mantenimiento web (WordPress plugin)	6.1	Medium	2022-11-18
CVE-2022-40687	WordPress Creative Mail plugin <= 1.5.4 - Cross-Site Request Forgery (CSRF) vulnerability — Creative Mail (WordPress plugin)	5.4	Medium	2022-11-18
CVE-2022-41805	WordPress Booster for WooCommerce plugin <= 5.6.6 - Cross-Site Request Forgery (CSRF) vulnerability — Booster for WooCommerce (WordPress plugin)	5.4	Medium	2022-11-18
CVE-2022-40686	WordPress Creative Mail plugin <= 1.5.4 - Cross-Site Request Forgery (CSRF) vulnerability — Creative Mail (WordPress plugin)	5.4	Medium	2022-11-18
CVE-2022-40192	WordPress wpForo Forum plugin <= 2.0.9 - Cross-Site Request Forgery (CSRF) vulnerability — wpForo Forum (WordPress plugin)	7.1	High	2022-11-17
CVE-2022-45071	WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability — WPML Multilingual CMS (WordPress plugin)	5.4	Medium	2022-11-17
CVE-2022-45072	WordPress WPML Multilingual CMS premium plugin <= 4.5.13 - Cross-Site Request Forgery (CSRF) vulnerability — WPML Multilingual CMS (WordPress plugin)	4.3	Medium	2022-11-17
CVE-2022-4021	Permalink Manager Lite <= 2.2.20.1 - Cross-Site Request Forgery — Permalink Manager Lite	8.8	High	2022-11-16
CVE-2022-3240	Follow Me Plugin <= 3.1.1 - Cross-Site Request Forgery to Cross-Site Scripting — Follow Me Plugin	8.8	High	2022-11-15
CVE-2022-2449	reSmush.it Image Optimizer < 0.4.7 - Multiple CSRF — reSmush.it : the only free Image Optimizer & compress plugin	6.5	-	2022-11-14
CVE-2022-3632	OAuth Client by DigitialPixies <= 1.1.0 - CSRF — OAuth Client by DigitialPixies	6.5	-	2022-11-14
CVE-2022-43488	WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 - Cross-Site Request Forgery (CSRF) vulnerability — Advanced Dynamic Pricing for WooCommerce (WordPress plugin)	5.4	Medium	2022-11-09
CVE-2022-32587	WordPress WP Page Widget plugin <= 3.9 - Cross-Site Request Forgery (CSRF) vulnerability — WP Page Widget (WordPress plugin)	5.4	Medium	2022-11-08
CVE-2022-44741	WordPress Testimonial Slider plugin <= 1.3.1 - Cross-Site Request Forgery (CSRF) vulnerability — Testimonial Slider (WordPress plugin)	6.1	Medium	2022-11-08
CVE-2022-38137	WordPress Analytify plugin <= 4.2.2 - Cross-Site Request Forgery (CSRF) vulnerability — Analytify (WordPress plugin)	4.3	Medium	2022-11-08
CVE-2022-27855	WordPress Analytics Cat plugin <= 1.0.9 - Plugin Settings change via Cross-Site Request Forgery (CSRF) vulnerability — Analytics Cat (WordPress plugin)	5.4	Medium	2022-11-08
CVE-2022-41136	WordPress Shortcodes Ultimate plugin <= 5.12.0 - CSRF vulnerability leading to Stored XSS — Shortcodes Ultimate (WordPress plugin)	6.1	Medium	2022-11-08
CVE-2022-40632	WordPress wpForo Forum plugin <= 2.0.5 - Cross-Site Request Forgery (CSRF) vulnerability — wpForo Forum (WordPress plugin)	5.4	Medium	2022-11-08
CVE-2022-40128	WordPress Advanced Order Export For WooCommerce plugin <= 3.3.2 - Cross-Site Request Forgery (CSRF) vulnerability — Advanced Order Export For WooCommerce (WordPress plugin)	4.3	Medium	2022-11-08
CVE-2022-43481	WordPress Advanced Coupons for WooCommerce Coupons plugin <= 4.5 - Cross-Site Request Forgery (CSRF) vulnerability — Advanced Coupons (WordPress plugin)	5.4	Medium	2022-11-08
CVE-2022-43491	WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.5 - Cross-Site Request Forgery (CSRF) vulnerability — Advanced Dynamic Pricing for WooCommerce (WordPress plugin)	5.4	Medium	2022-11-08
CVE-2022-30694	Siemens SIMATIC Drive Controller跨站请求伪造漏洞 — SIMATIC Drive Controller CPU 1504D TF	6.5	Medium	2022-11-08
CVE-2022-2387	Easy Digital Downloads < 3.0 - Arbitrary Post Deletion via CSRF — Easy Digital Downloads – Simple eCommerce for Selling Digital Files	4.3	-	2022-11-07
CVE-2022-38660	HCL XPages applications are susceptible to Cross Site Request Forgery (CSRF) vulnerability — HCL Domino	8.3	High	2022-11-04
CVE-2022-25952	WordPress Content Egg plugin <= 5.4.0 - Cross-Site Request Forgery (CSRF) vulnerability — Content Egg (WordPress plugin)	4.3	Medium	2022-11-03
CVE-2022-44627	WordPress Simple SEO plugin <= 1.8.12 - Cross-Site Request Forgery (CSRF) vulnerability — Simple SEO (WordPress plugin)	5.4	Medium	2022-11-03
CVE-2022-40131	WordPress Page View Count plugin <= 2.5.5 - Cross-Site Request Forgery (CSRF) vulnerability — Page View Count (WordPress plugin)	5.4	Medium	2022-11-03
CVE-2022-20961	Cisco Identity Services Engine 跨站请求伪造漏洞 — Cisco Identity Services Engine Software	8.8	High	2022-11-03
CVE-2022-3852	VR Calendar <= 2.3.3 - Cross-Site Request Forgery — VR Calendar	8.8	High	2022-11-03

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751