Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-36358 WordPress SEO Scout plugin <= 0.9.83 - Cross-Site Request Forgery (CSRF) vulnerability — SEO Scout 5.4 Medium2022-08-25
CVE-2022-36389 WordPress Better Messages plugin <= 1.9.9.148 - Cross-Site Request Forgery (CSRF) vulnerability — Better Messages (WordPress plugin) 4.3 Medium2022-08-23
CVE-2022-36292 WordPress Gallery PhotoBlocks plugin <= 1.2.6 - Cross-Site Request Forgery (CSRF) vulnerabilities — Gallery PhotoBlocks (WordPress plugin) 5.4 Medium2022-08-23
CVE-2022-36379 WordPress ЮKassa для WooCommerce plugin <= 2.3.0 - Cross-Site Request Forgery (CSRF) leading to plugin settings update — ЮKassa для WooCommerce (WordPress plugin) 8.8 High2022-08-23
CVE-2022-36288 WordPress Download Manager plugin <= 3.2.48 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities — Download Manager (WordPress plugin) 5.4 Medium2022-08-23
CVE-2022-29468 WWBN AVideo 跨站请求伪造漏洞 — AVideo 8.8 -2022-08-22
CVE-2022-2555 Yotpo Reviews for WooCommerce <= 2.0.4 - Arbitrary Settings Update via CSRF — Yotpo Reviews for WooCommerce (Unofficial) 6.5 -2022-08-22
CVE-2022-2388 WP Coder < 2.5.3 - Code Deletion via CSRF — WP Coder – add custom html, css and js code 6.5 -2022-08-22
CVE-2022-2275 WP Edit Menu <= 1.5.0 - Arbitrary Post Deletion via CSRF — WP Edit Menu 4.3 -2022-08-22
CVE-2022-2172 LinkWorth Plugin < 3.3.4 - Arbitrary Setting Update via CSRF — LinkWorth Plugin 6.5 -2022-08-22
CVE-2022-1251 Ask Me < 6.8.4 - CSRF in Edit Profile — Ask me 6.5 -2022-08-22
CVE-2021-24912 Transposh WordPress Translation < 1.0.8 - CSRF to Stored XSS — Transposh WordPress Translation 5.4 -2022-08-22
CVE-2022-36346 WordPress MaxButtons plugin <= 9.2 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities — MaxButtons (WordPress plugin) 4.3 Medium2022-08-22
CVE-2022-35656 Pegasystem PEGA Platform 跨站请求伪造漏洞 — Pega Infinity 4.5 -2022-08-22
CVE-2022-34347 WordPress Download Manager plugin <= 3.2.48 - Cross-Site Request Forgery (CSRF) vulnerability — Download Manager (WordPress plugin) 4.2 Medium2022-08-22
CVE-2021-36852 WordPress WP Hotel Booking plugin <= 1.10.5 - Cross-Site Request Forgery (CSRF) vulnerability — WP Hotel Booking 4.3 Medium2022-08-22
CVE-2022-23765 IPTIME NAS family CSRF vulnerability — NAS1dual, NAS2dual, NAS4dual 8.0 High2022-08-17
CVE-2022-36312 Airspan AirVelocity 1500 跨站请求伪造漏洞 — AirVelocity 8.8 -2022-08-16
CVE-2022-2381 E Unlocked - Student Result <= 1.0.4 - Arbitrary File Upload via CSRF — E Unlocked – Student Result 8.8 -2022-08-15
CVE-2022-35943 SameSite may allow cross-site request forgery (CSRF) protection to be bypassed — shield 5.9 Medium2022-08-12
CVE-2022-2355 Easy Username Updater < 1.0.5 - Arbitrary Username Update via CSRF — Easy Username Updater 6.5 -2022-08-08
CVE-2016-3098 administrate 跨站请求伪造漏洞 — administrate 8.1 -2022-08-05
CVE-2021-36861 WordPress Rich Reviews by Starfish plugin <= 1.9.14 - Cross-Site Request Forgery (CSRF) vulnerability — Rich Reviews by Starfish (WordPress plugin) 5.4 Medium2022-08-05
CVE-2022-33201 WordPress MailerLite – Signup forms (official) plugin <= 1.5.7 - Cross-Site Request Forgery (CSRF) vulnerability — MailerLite (WordPress plugin) 6.3 Medium2022-08-05
CVE-2022-2260 GiveWP < 2.21.3 - DoS via CSRF — GiveWP – Donation Plugin and Fundraising Platform 6.5 -2022-08-01
CVE-2022-2245 Counter Box < 1.2.1 - Arbitrary Counter Activation/Deactivation via CSRF — Counter Box – WordPress plugin for countdown, timer, counter 8.8 -2022-08-01
CVE-2022-2171 Progressive License <= 1.1.0 - CSRF to Stored XSS — Progressive License 4.6 -2022-08-01
CVE-2022-26309 Cross-Site Request en Bulk operation (User operation) — Pandora FMS 3.7 Low2022-08-01
CVE-2022-22686 Synology Calendar 跨站请求伪造漏洞 — Synology Calendar 6.5 Medium2022-07-26
CVE-2021-40335 Cross Site Request Forgery (CSRF) in Hitachi Energy’s MSM Product — MSM 5.0 Medium2022-07-25

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.