Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-36798 WordPress Mega Addons For WPBakery Page Builder plugin <= 4.2.7 - Cross-Site Request Forgery (CSRF) vulnerability — Mega Addons For WPBakery Page Builder (WordPress plugin) 5.4 Medium2022-09-23
CVE-2022-3274 Cross-Site Request Forgery (CSRF) on user's settings in GitHub repository ikus060/rdiffweb prior to 2.4.6. in ikus060/rdiffweb — ikus060/rdiffweb 7.1 -2022-09-22
CVE-2022-3267 Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb — ikus060/rdiffweb 7.1 -2022-09-22
CVE-2022-3233 Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb — ikus060/rdiffweb 7.1 -2022-09-21
CVE-2022-40219 WordPress FavIcon Switcher plugin <= 1.2.11 - Cross-Site Request Forgery (CSRF) vulnerability — FavIcon Switcher (WordPress plugin) 5.4 Medium2022-09-21
CVE-2022-1591 WordPress Ping Optimizer < 2.35.1.3.0 - Arbitrary Settings Update via CSRF — WordPress Ping Optimizer 4.3 -2022-09-19
CVE-2022-3232 Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb — ikus060/rdiffweb 7.1 -2022-09-17
CVE-2022-29489 WordPress Sucuri Security plugin <= 1.8.33 - Cross-Site Request Forgery (CSRF) vulnerability — Sucuri Security (WordPress plugin) 4.3 -2022-09-16
CVE-2022-3221 Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb — ikus060/rdiffweb 7.1 -2022-09-15
CVE-2022-40623 WAVLINK Quantum D4G (WN531G3) CSRF — WN531G3 8.8 -2022-09-13
CVE-2022-38139 WordPress RD Station plugin <= 5.2.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities — RD Station (WordPress plugin) 5.4 Medium2022-09-13
CVE-2022-35277 WordPress GetResponse plugin <= 5.5.20 - Cross-Site Request Forgery (CSRF) vulnerability — GetResponse for WordPress (WordPress plugin) 5.4 Medium2022-09-09
CVE-2022-37411 WordPress Captcha Code plugin <= 2.7 - Cross-Site Request Forgery (CSRF) vulnerability — Captcha Code (WordPress plugin) 5.4 Medium2022-09-09
CVE-2022-37405 WordPress Better Font Awesome plugin <= 2.0.1 - Cross-Site Request Forgery (CSRF) vulnerability — Better Font Awesome (WordPress plugin) 4.3 Medium2022-09-09
CVE-2022-38093 WordPress All in One SEO plugin <= 4.2.3.1 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities — All in One SEO (WordPress plugin) 5.4 Medium2022-09-09
CVE-2022-38144 WordPress wpForo Forum plugin <= 2.0.5 - Cross-Site Request Forgery (CSRF) vulnerability — wpForo Forum (WordPress plugin) 8.8 -2022-09-09
CVE-2022-38059 WordPress Access Code Feeder plugin <= 1.0.3 - Cross-Site Request Forgery (CSRF) vulnerability — Access Code Feeder (WordPress plugin) 5.5 Medium2022-09-09
CVE-2022-36095 XWiki Cross-Site Request Forgery (CSRF) for actions on tags — xwiki-platform 4.3 Medium2022-09-08
CVE-2022-2540 Link Optimizer Lite <= 1.4.5 - Cross-Site Request Forgery to Cross-Site Scripting — Link Optimizer Lite 8.8 High2022-09-06
CVE-2022-2541 uContext for Amazon <= 3.9.1 - Cross-Site Request Forgery to Cross-Site Scripting — uContext for Amazon 8.8 High2022-09-06
CVE-2022-2542 uContext for Clickbank <= 3.9.1 - Cross-Site Request Forgery to Cross-Site Scripting — uContext for Clickbank 8.8 High2022-09-06
CVE-2022-2518 Stockists Manager for Woocommerce <= 1.0.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Stockists Manager for Woocommerce 8.8 High2022-09-06
CVE-2022-2432 Ecwid Ecommerce Shopping Cart <= 6.10.23 - Cross-Site Request Forgery to Settings/Options Update — Ecwid Ecommerce Shopping Cart 8.8 High2022-09-06
CVE-2022-2233 Banner Cycler <= 1.4 - Cross-Site Request Forgery to Cross-Site Scripting — Banner Cycler 8.8 High2022-09-06
CVE-2022-33177 WordPress Booking Calendar plugin <= 9.2.1 - Cross-Site Request Forgery (CSRF) vulnerabiulity — Booking Calendar (WordPress plugin) 5.4 Medium2022-09-06
CVE-2022-3121 SourceCodester Online Employee Leave Management System addemployee.php cross-site request forgery — Online Employee Leave Management System 4.3 Medium2022-09-05
CVE-2022-36076 Account takeover via SSO plugins in NodeBB — NodeBB 8.8 High2022-09-02
CVE-2022-36373 WordPress MP3 jPlayer plugin <= 2.7.3 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities — MP3-jPlayer (WordPress plugin) 5.4 Medium2022-09-01
CVE-2022-36796 WordPress CallRail Phone Call Tracking plugin <= 0.4.9 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) — CallRail Phone Call Tracking (WordPress plugin) 6.1 Medium2022-09-01
CVE-2022-3017 Cross-Site Request Forgery (CSRF) in froxlor/froxlor — froxlor/froxlor 7.1 -2022-08-28

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.