Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-1914 Clean-Contact <= 1.6 - Arbitrary Settings Update to Stored XSS via CSRF — Clean-Contact 5.4 -2022-06-27
CVE-2022-1913 Add Post URL <= 2.1.0 - Arbitrary Settings Update to Stored XSS via CSRF — Add Post URL 5.4 -2022-06-27
CVE-2022-1885 Cimy Header Image Rotator <= 6.1.1 - Arbitrary Settings Update via CSRF — Cimy Header Image Rotator 4.3 -2022-06-27
CVE-2022-1847 Rotating Posts <= 1.11 - Arbitrary Settings Update to Stored XSS via CSRF — Rotating Posts 4.3 -2022-06-27
CVE-2022-1846 Tiny Contact Form <= 0.7 - Arbitrary Settings Update via CSRF — Tiny Contact Form 4.3 -2022-06-27
CVE-2022-1845 WP Post Styling < 1.3.1 - Multiple CSRF — WP Post Styling 6.5 -2022-06-27
CVE-2022-1844 WP Sentry <= 1.0 - Arbitrary Settings Update to Stored XSS via CSRF — WP Sentry 5.4 -2022-06-27
CVE-2022-1843 MailPress <= 7.2.1 - Arbitrary Settings Update & Log Files Purge via CSRF — MailPress 6.5 -2022-06-27
CVE-2022-1842 OpenBook Book Data <= 3.5.2 - Arbitrary Settings Update to Stored XSS via CSRF — OpenBook Book Data 4.6 -2022-06-27
CVE-2022-1653 Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRF — Social Share Buttons by Supsystic 4.3 -2022-06-27
CVE-2022-1627 My Private Site < 3.0.8 - Arbitrary Settings Update via CSRF — My Private Site 4.3 -2022-06-27
CVE-2022-1625 New User Approve < 2.4 - Arbitrary Settings Update & Invitation Code Creation via CSRF — New User Approve 6.5 -2022-06-27
CVE-2022-1573 HTML2WP <= 1.0.0 - Arbitrary Settings Update via CSRF — HTML2WP 4.3 -2022-06-27
CVE-2022-0875 miniOrange Google Authenticator < 1.0.5 - CSRF to Stored Cross-Site Scripting — Google Authenticator 7.1 -2022-06-27
CVE-2017-20093 Download Manager Plugin cross-site request forgery — Download Manager Plugin 4.3 Medium2022-06-24
CVE-2017-20091 File Manager Plugin cross-site request forgery — File Manager Plugin 4.3 Medium2022-06-23
CVE-2017-20090 Global Content Blocks Plugin cross-site request forgery — Global Content Blocks Plugin 4.3 Medium2022-06-23
CVE-2017-20088 Atahualpa Theme cross-site request forgery — Atahualpa Theme 4.3 Medium2022-06-23
CVE-2017-20065 Supsystic Popup Plugin cross-site request forgery — Popup Plugin 4.3 Medium2022-06-20
CVE-2022-1895 underConstruction < 1.20 - Construction Mode Deactivation via CSRF — underConstruction 6.5 -2022-06-20
CVE-2022-1832 CaPa Protect <= 0.5.8.2 - Arbitrary Settings Update via CSRF — CaPa Protect 6.5 -2022-06-20
CVE-2022-1831 WPlite <= 1.3.1 - Arbitrary Settings Update via CSRF — WPlite 4.3 -2022-06-20
CVE-2022-1830 Amazon Einzeltitellinks <= 1.3.3 - Arbitrary Settings Update to Stored XSS via CSRF — Amazon Einzeltitellinks 4.7 -2022-06-20
CVE-2022-1829 Inline Google Maps <= 5.11 - Arbitrary Settings Update to Stored XSS via CSRF — Inline Google Maps 4.7 -2022-06-20
CVE-2022-1828 PDF24 Articles To PDF <= 4.2.2 - Arbitrary Settings Update via CSRF — PDF24 Articles To PDF 6.5 -2022-06-20
CVE-2022-1827 PDF24 Article To PDF <= 4.2.2 - Arbitrary Settings Update via CSRF — PDF24 Article To PDF 6.5 -2022-06-20
CVE-2022-1826 Cross-Linker <= 3.0.1.9 - Arbitrary Cross-Link Creation via CSRF — Cross-Linker 6.5 -2022-06-20
CVE-2022-1818 Multi-page Toolkit <= 2.6 - Arbitrary Settings Update to Stored XSS via CSRF — Multi-page Toolkit 5.4 -2022-06-20
CVE-2022-1630 WP-Email < 2.69.0 - Log Deletion via CSRF — WP-EMail 4.3 -2022-06-20
CVE-2022-1610 Seamless Donations < 5.1.9 - Arbitrary Settings Update via CSRF — Seamless Donations: A Platform for Global Fundraising and Rebuilding using Stripe and PayPal 4.3 -2022-06-20

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.