Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2022-25608 WordPress Yoo Slider – Image Slider & Video Slider plugin <= 2.0.0 - Cross-Site Request Forgery (CSRF) vulnerability leading to slider Duplicate/Delete — Yoo Slider – Image Slider & Video Slider (WordPress plugin) 5.4 Medium2022-03-23
CVE-2022-0681 Simple Membership < 4.1.0 - Arbitrary Transaction Deletion via CSRF — Simple Membership 6.5 -2022-03-21
CVE-2022-0616 Amelia < 1.0.46 - Arbitrary Customer Deletion via CSRF — Amelia – Events & Appointments Booking Calendar 4.3 -2022-03-21
CVE-2022-0515 Cross-Site Request Forgery (CSRF) in crater-invoice/crater — crater-invoice/crater 4.3 -2022-03-21
CVE-2022-25600 WordPress WP Google Map plugin <= 4.2.3 - Cross-Site Request Forgery (CSRF) vulnerability — WP Google Map Plugin (WordPress plugin) 5.4 Medium2022-03-11
CVE-2022-0445 WordPress Real Cookie Banner < 2.14.2 - Settings Reset via CSRF — WordPress Real Cookie Banner: GDPR (DSGVO) & ePrivacy Cookie Consent 6.5 -2022-03-07
CVE-2021-25098 Easy Pricing Tables < 3.1.3 - Arbitrary Post Removal via CSRF — Pricing Tables WordPress Plugin – Easy Pricing Tables 6.5 -2022-03-07
CVE-2022-24712 Cross-Site Request Forgery (CSRF) Protection Bypass Vulnerability in CodeIgniter4 — CodeIgniter4 6.3 Medium2022-02-28
CVE-2022-0328 Simple Membership < 4.0.9 - Arbitrary Member Deletion via CSRF — Simple Membership 4.3 -2022-02-28
CVE-2021-25081 WP Google Map < 1.8.4 - Arbitrary Post Deletion and Plugin's Settings Update via CSRF — Maps Plugin using Google Maps for WordPress – WP Google Map 6.5 -2022-02-28
CVE-2021-25010 Post Snippets < 3.1.4 - CSRF to Stored Cross-Site Scripting — Post Snippets 8.2 -2022-02-28
CVE-2021-24913 Logo Showcase with Slick Slider < 2.0.1 - Arbitrary Media Title/Description/Alt Text/URL Update via CSRF — Logo Showcase with Slick Slider – Logo Carousel, Logo Slider & Logo Grid 4.3 -2022-02-28
CVE-2021-24823 Support Board < 3.3.6 - Arbitrary File Deletion via CSRF — Support Board 8.1 -2022-02-28
CVE-2021-24803 Core Tweaks WP Setup <= 4.1 - Arbitrary Admin Account Creation / Admin Email Update via CSRF — Core Tweaks WP Setup 8.8 -2022-02-28
CVE-2021-4030 Zyxel Nbg6816和Zyxel Nbg6817 跨站请求伪造漏洞 — ARMOR Z2 (NBG6817) firmware 8.0 High2022-02-22
CVE-2022-25599 WordPress Spiffy Calendar plugin <= 4.9.0 - Event deletion via Cross-Site Request Forgery (CSRF) vulnerability — Spiffy Calendar (WordPress plugin) 5.4 Medium2022-02-21
CVE-2022-23983 WordPress WP Content Copy Protection & No Right Click plugin <= 3.4.4 - Cross-Site Request Forgery (CSRF) leads to Settings Update vulnerability — WP Content Copy Protection & No Right Click (WordPress plugin) 4.3 Medium2022-02-21
CVE-2022-0313 Float Menu < 4.3.1 - Arbitrary Menu Deletion via CSRF — Float menu – awesome floating side menu 4.3 -2022-02-21
CVE-2022-0199 Coming soon and Maintenance mode < 3.6.8 - Arbitrary Email Sending to Subscribed Users via CSRF — Coming soon and Maintenance mode 4.3 -2022-02-21
CVE-2022-0134 AnyComment < 0.2.18 - Arbitrary HyperComments Import/Revert via CSRF — AnyComment 8.8 -2022-02-21
CVE-2022-0638 Cross-Site Request Forgery (CSRF) in microweber/microweber — microweber/microweber 6.5 -2022-02-17
CVE-2021-24446 Remove Footer Credit < 1.0.6 - CSRF to Stored Cross-Site Scripting — Remove Footer Credit 5.4 -2022-02-14
CVE-2020-13674 Drupal QuickEdit module 跨站请求伪造漏洞 — Core 6.5 -2022-02-11
CVE-2020-13673 Drupal 跨站脚本漏洞 — Entity Embed 6.1 -2022-02-11
CVE-2021-22954 Concrete Cms 跨站请求伪造漏洞 — https://github.com/concrete5/concrete5 8.8 -2022-02-09
CVE-2022-22811 spaceLYnk 跨站请求伪造漏洞 — spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (V2.6.2 and prior), fellerLYnk (V2.6.2 and prior) 8.1 -2022-02-09
CVE-2022-22808 Schneider Electric EcoStruxure EV Charging Expert 跨站请求伪造漏洞 — EcoStruxure EV Charging Expert (formerly known as EVlink Load Management System): (HMIBSCEA53D1EDB, HMIBSCEA53D1EDS, HMIBSCEA53D1EDM, HMIBSCEA53D1EDL, HMIBSCEA53D1ESS, HMIBSCEA53D1ESM, HMIBSCEA53D1EML) (All Versions prior to SP8 (Version 01) V4.0.0.13) 8.8 -2022-02-09
CVE-2022-21703 Cross Site Request Forgery in Grafana — grafana 6.3 Medium2022-02-08
CVE-2022-0505 Cross-Site Request Forgery (CSRF) in microweber/microweber — microweber/microweber 6.5 -2022-02-08
CVE-2021-25108 IP2Location Country Blocker < 2.26.6 - Arbitrary Country Ban via CSRF — IP2Location Country Blocker 7.1 -2022-02-07

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.