CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-3776	Restaurant Menu – Food Ordering System – Table Reservation <= 2.3.1 - Cross-Site Request Forgery — Restaurant Menu – Food Ordering System – Table Reservation	8.8	High	2022-11-03
CVE-2022-40291	Cross-site request forgery (CSRF) in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC — PHP Point of Sale	8.8	-	2022-10-31
CVE-2022-41996	WordPress Avada premium theme <= 7.8.1 - Cross-Site Request Forgery (CSRF) vulnerability — Avada (premium WordPress theme)	8.8	High	2022-10-27
CVE-2022-2762	AdminPad < 2.2 - Note Update via CSRF — AdminPad	6.5	-	2022-10-25
CVE-2020-8976	ZGR TPS200 Cross-Site Request Forgery (CSRF) — ZGR TPS200 NG	9.6	Critical	2022-10-17
CVE-2022-23771	IPTIME NAS1DUAL CSRF Vulnerability — NAS1dual, NAS2dual, NAS4dual	8.0	High	2022-10-17
CVE-2022-3126	Frontend File Manager < 21.4 - File Upload via CSRF — Frontend File Manager Plugin	6.5	-	2022-10-17
CVE-2022-3149	WP Custom Cursors < 3.0.1 - Stored Cross-Site Scripting via CSRF — WP Custom Cursors	6.1	-	2022-10-17
CVE-2022-3151	WP Custom Cursors < 3.0.1 - Arbitrary Cursor Deletion via CSRF — WP Custom Cursors	6.5	-	2022-10-17
CVE-2022-38086	WordPress Shortcodes Ultimate plugin <= 5.12.0 - Cross-Site Request Forgery (CSRF) vulnerability — Shortcodes Ultimate (WordPress plugin)	5.4	Medium	2022-10-11
CVE-2021-36915	WordPress Profile Builder plugin <= 3.6.0 - Cross-Site Request Forgery (CSRF) vulnerability — Profile Builder – User Profile & User Registration Forms (WordPress plugin)	4.2	Medium	2022-10-11
CVE-2022-32175	AdGuardHome - CSRF — AdguardHome	5.4	-	2022-10-11
CVE-2022-40179	多款Siemens产品跨站请求伪造漏洞 — Desigo PXM30-1	7.3	-	2022-10-11
CVE-2022-40180	多款Siemens产品跨站请求伪造漏洞 — Desigo PXM30-1	7.3	-	2022-10-11
CVE-2022-3154	Multiple Plugins from Viszt Peter - Multiple CSRF — Woo Billingo Plus	7.1	-	2022-10-10
CVE-2022-3208	Simple File List < 4.4.13 - Page Creation via CSRF — Simple File List	6.5	-	2022-10-10
CVE-2022-39268	orchest vulnerable to cross-site request forgery that allows control of a user instance — orchest	8.1	High	2022-09-30
CVE-2021-36855	WordPress Booking Ultra Pro plugin <= 1.1.4 - Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability — Booking Ultra Pro (WordPress plugin)	6.1	Medium	2022-09-30
CVE-2021-36854	WordPress Booking Ultra Pro plugin <= 1.1.4 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities — Booking Ultra Pro (WordPress plugin)	5.4	Medium	2022-09-30
CVE-2022-3098	Login Block IPs <= 1.0.0 - Arbitrary Setting Update via CSRF — Login Block IPs	4.3	-	2022-09-26
CVE-2022-38454	WordPress Kraken.io Image Optimizer plugin <= 2.6.5 - Cross-Site Request Forgery (CSRF) vulnerability — Kraken.io Image Optimizer (WordPress plugin)	5.4	Medium	2022-09-23
CVE-2022-38079	WordPress Backup Scheduler plugin <= 1.5.13 - Cross-Site Request Forgery (CSRF) vulnerability — Backup Scheduler (WordPress plugin)	5.4	Medium	2022-09-23
CVE-2022-40132	WordPress Seriously Simple Podcasting plugin <= 2.16.0 - Cross-Site Request Forgery (CSRF) vulnerability — Seriously Simple Podcasting (WordPress plugin)	5.4	Medium	2022-09-23
CVE-2022-38704	WordPress SEO Redirection plugin <= 8.9 - Cross-Site Request Forgery (CSRF) vulnerability — SEO Redirection Plugin – 301 Redirect Manager (WordPress plugin)	5.4	Medium	2022-09-23
CVE-2022-36417	WordPress 3D Tag Cloud plugin <= 3.8 - Multiple Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability — 3D Tag Cloud (WordPress plugin)	6.1	Medium	2022-09-23
CVE-2022-38470	WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Cross-Site Request Forgery (CSRF) vulnerability — Customer Reviews for WooCommerce (WordPress plugin)	4.3	Medium	2022-09-23
CVE-2022-38085	WordPress Read more By Adam plugin <= 1.1.8 - Cross-Site Request Forgery (CSRF) vulnerability — Read more By Adam (WordPress plugin)	5.4	Medium	2022-09-23
CVE-2022-36388	WordPress YDS Support Ticket System plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability — YDS Support Ticket System (WordPress plugin)	5.4	Medium	2022-09-23
CVE-2022-40671	WordPress Rate my Post – WP Rating System plugin <= 3.3.4 - Cross-Site Request Forgery (CSRF) vulnerability — Rate my Post – WP Rating System (WordPress plugin)	4.3	Medium	2022-09-23
CVE-2022-38095	WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.1.3 - Cross-Site Request Forgery (CSRF) vulnerability — Advanced Dynamic Pricing for WooCommerce (WordPress plugin)	5.4	Medium	2022-09-23

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751