CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-1603 | Mail Subscribe List < 2.1.4 - Arbitrary Subscribed User Deletion via CSRF — Mail Subscribe List | 4.3 | - | 2022-06-20 |
| CVE-2017-20062 | Elefant CMS cross-site request forgery — CMS | 5.0 | Medium | 2022-06-20 |
| CVE-2017-20053 | XYZScripts Contact Form Manager Plugin cross-site request forgery — Contact Form Manager Plugin | 4.3 | Medium | 2022-06-16 |
| CVE-2021-36891 | WordPress Photo Gallery by Supsystic plugin <= 1.15.5 - Cross-Site Request Forgery (CSRF) leading to Plugin Settings Change — Photo Gallery by Supsystic (WordPress plugin) | 5.4 | Medium | 2022-06-15 |
| CVE-2022-29450 | WordPress Admin Management Xtended plugin <= 2.4.4 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities — Admin Management Xtended (WordPress plugin) | 5.4 | Medium | 2022-06-15 |
| CVE-2022-29441 | WordPress Private Messages For WordPress plugin <= 2.1.10 - Sending Messages via Cross-Site Request Forgery (CSRF) vulnerability — Private Messages For WordPress (WordPress plugin) | 4.3 | Medium | 2022-06-15 |
| CVE-2022-29439 | WordPress Image Slider by NextCode plugin <= 1.1.2 - Slider Deletion via Cross-Site Request Forgery (CSRF) vulnerability — Image Slider by NextCode – Photo & Video SLider (WordPress plugin) | 5.4 | Medium | 2022-06-15 |
| CVE-2022-29453 | WordPress API KEY for Google Maps plugin <= 1.2.1 - CSRF vulnerability leading to Google Maps API key update — API KEY for Google Maps | 5.4 | Medium | 2022-06-15 |
| CVE-2022-29437 | WordPress Image Slider by NextCode plugin <= 1.1.2 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities — Image Slider by NextCode – Photo & Video SLider (WordPress plugin) | 5.4 | Medium | 2022-06-15 |
| CVE-2022-1969 | Mobile browser color select <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Mobile browser color select | 8.8 | High | 2022-06-13 |
| CVE-2022-1749 | WPMK Ajax Finder <= 1.0.1 - Cross-Site Request Forgery to Cross-Site Scripting — WPMK Ajax Finder | 8.8 | High | 2022-06-13 |
| CVE-2022-1900 | Copify <= 1.3.0 - Cross-Site Request Forgery to Cross-Site Scripting — Copify | 8.8 | High | 2022-06-13 |
| CVE-2022-1918 | ToolBar to Share <= 2.0 - Cross-Site Request Forgery to Cross-Site Scripting — ToolBar to Share | 8.8 | High | 2022-06-13 |
| CVE-2022-1793 | Private Files <= 0.40 - Protection Disabling via CSRF — Private Files | 4.3 | - | 2022-06-13 |
| CVE-2022-1792 | Quick Subscribe <= 1.7.1 - Arbitrary Settings Update via CSRF to Stored XSS — Quick Subscribe | 5.4 | - | 2022-06-13 |
| CVE-2022-1791 | One Click Plugin Updater <= 2.4.14 - Arbitrary Settings Update via CSRF — One Click Plugin Updater | 4.3 | - | 2022-06-13 |
| CVE-2022-1790 | New User Email Set Up <= 0.5.2 - Arbitrary Settings Update via CSRF — New User Email Set Up | 4.3 | - | 2022-06-13 |
| CVE-2022-1788 | Change Uploaded File Permissions <= 4.0.0 - File Permission Update via CSRF — Change Uploaded File Permissions | 6.5 | - | 2022-06-13 |
| CVE-2022-1787 | Sideblog <= 6.0 - Arbitrary Settings Update via CSRF to Stored XSS — Sideblog WordPress Plugin | 5.4 | - | 2022-06-13 |
| CVE-2022-1781 | postTabs <= 2.10.6 - Arbitrary Settings Update via CSRF to Stored XSS — postTabs | 5.4 | - | 2022-06-13 |
| CVE-2022-1780 | LaTeX for WordPress <= 3.4.10 - Arbitrary Settings Update via CSRF to Stored XSS — LaTeX for WordPress | 5.4 | - | 2022-06-13 |
| CVE-2022-1779 | Auto Delete Posts <= 1.3.0 - Arbitrary Settings Update via CSRF — Auto Delete Posts | 6.5 | - | 2022-06-13 |
| CVE-2022-1765 | Hot Linked Image Cacher <= 1.16 - Image upload/cache abuse via CSRF — Hot Linked Image Cacher | 8.1 | - | 2022-06-13 |
| CVE-2022-1764 | WP-chgFontSize <= 1.8 - Arbitrary Settings Update via CSRF to Stored XSS — WP-chgFontSize | 4.1 | - | 2022-06-13 |
| CVE-2022-1763 | Static Page eXtended <= 2.1 - Arbitrary Settings Update via CSRF to Stored XSS — Static Page eXtended | 9.3 | - | 2022-06-13 |
| CVE-2022-1761 | Peter’s Collaboration E-mails <= 2.2.0 - Arbitrary Settings Update via CSRF — Peter’s Collaboration E-mails | 6.5 | - | 2022-06-13 |
| CVE-2022-1759 | RB Internal Links <= 2.0.16 - Stored Cross-Site Scripting via CSRF — RB Internal Links | 5.4 | - | 2022-06-13 |
| CVE-2022-1758 | Genki Pre-Publish Reminder <= 1.4.1 - Stored XSS & RCE via CSRF — Genki Pre-Publish Reminder | 8.8 | - | 2022-06-13 |
| CVE-2022-1694 | Useful Banner Manager <= 1.6.1 - Modify banners via CSRF — Useful Banner Manager | 6.5 | - | 2022-06-13 |
| CVE-2022-1624 | Latest Tweets Widget <= 1.1.4 - Arbitrary Settings Update via CSRF — Latest Tweets Widget | 4.3 | - | 2022-06-13 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.