CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-14161	Truefy Embed <= 1.1.0 - Cross-Site Request Forgery to 'truefy_embed_options_update' Settings Update — Truefy Embed	4.3	Medium	2025-12-12
CVE-2025-14354	Resource Library for Logged In Users <= 1.5 - Cross-Site Request Forgery to Multiple Administrative Actions — Resource Library for Logged In Users	4.3	Medium	2025-12-12
CVE-2025-14165	Kirim.Email WooCommerce Integration <= 1.2.9 - Cross-Site Request Forgery to Settings Update — Kirim.Email WooCommerce Integration	4.3	Medium	2025-12-12
CVE-2025-13363	IMAQ Core <= 1.2.1 - Cross-Site Request Forgery to URL Structure Update — IMAQ CORE	4.3	Medium	2025-12-12
CVE-2025-14158	Coding Blocks <= 1.1.0 - Cross-Site Request Forgery to Settings Update — Coding Blocks	4.3	Medium	2025-12-12
CVE-2025-13408	Foxtool All-in-One: Contact chat button, Custom login, Media optimize images <= 2.5.2 - Cross-Site Request Forgery to Google OAuth Connection — Foxtool All-in-One: Contact chat button, Custom login, Media optimize images	4.3	Medium	2025-12-12
CVE-2025-14162	BMLT WordPress Plugin <= 3.11.4 - Cross-Site Request Forgery to Settings Creation and Deletion — BMLT WordPress Satellite	4.3	Medium	2025-12-12
CVE-2025-67646	TableProgressTracking's missing CSRF protection allows unauthorized state changes — TableProgressTracking	3.5	Low	2025-12-10
CVE-2020-36901	UBICOD Medivision Digital Signage 1.5.1 Cross-Site Request Forgery via User Management — UBICOD Medivision Digital Signage	8.8^AI	High^AI	2025-12-10
CVE-2020-36900	All-Dynamics Digital Signage System 2.0.2 Cross-Site Request Forgery via User Management — Digital Signage System	8.8^AI	High^AI	2025-12-10
CVE-2020-36886	SpinetiX Fusion Digital Signage 3.4.8 Cross-Site Request Forgery via User Creation — Fusion Digital Signage	8.8^AI	High^AI	2025-12-10
CVE-2025-34429	1Panel CSRF Web Port Configuration Change — 1Panel	7.1^AI	High^AI	2025-12-10
CVE-2025-34430	1Panel CSRF Panel Name Modification — 1Panel	4.3^AI	Medium^AI	2025-12-10
CVE-2025-34410	1Panel CSRF in Change Username Functionality Allows Account Lockout — 1Panel	6.5^AI	Medium^AI	2025-12-10
CVE-2021-47730	Selea Targa IP Camera Cross-Site Request Forgery via Admin Creation — Selea Targa IP OCR-ANPR Camera	8.8^AI	High^AI	2025-12-09
CVE-2021-47723	STVS ProVision Cross-Site Request Forgery (Add Admin) — STVS ProVision	8.8^AI	High^AI	2025-12-09
CVE-2021-47702	OpenBMCS Cross Site Request Forgery (CSRF) via sendFeedback.php — OpenBMCS	8.8^AI	High^AI	2025-12-09
CVE-2025-13924	Advanced Product Fields (Product Addons) for WooCommerce <= 1.6.17 - Cross-Site Request Forgery to Product Field Group Duplication and Publication — Advanced Product Fields (Product Addons) for WooCommerce	4.3	Medium	2025-12-09
CVE-2023-22675	WordPress WP Fast Cache plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability — WP Fast Cache	4.3	Medium	2025-12-09
CVE-2025-67467	WordPress GiveWP plugin <= 4.13.1 - Cross Site Request Forgery (CSRF) vulnerability — GiveWP	5.4	Medium	2025-12-09
CVE-2025-63060	WordPress KALLYAS theme < 4.25.0 - Cross Site Request Forgery (CSRF) vulnerability — KALLYAS	4.3	Medium	2025-12-09
CVE-2025-63030	WordPress New User Approve plugin <= 3.2.3 - Cross Site Request Forgery (CSRF) vulnerability — New User Approve	8.8^AI	High^AI	2025-12-09
CVE-2025-63012	WordPress WP Hotel Booking plugin <= 2.2.8 - Cross Site Request Forgery (CSRF) vulnerability — WP Hotel Booking	4.3	Medium	2025-12-09
CVE-2025-62871	WordPress Just TinyMCE Custom Styles plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability — Just TinyMCE Custom Styles	8.8^AI	High^AI	2025-12-09
CVE-2025-62873	WordPress WP Flashy Marketing Automation plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerability — WP Flashy Marketing Automation	8.8^AI	High^AI	2025-12-09
CVE-2025-62872	WordPress Social Photo Fetcher plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) vulnerability — Social Photo Fetcher	8.8^AI	High^AI	2025-12-09
CVE-2025-62866	WordPress Auto Alt Text plugin <= 2.5.2 - Cross Site Request Forgery (CSRF) vulnerability — Auto Alt Text	7.1^AI	High^AI	2025-12-09
CVE-2025-62739	WordPress Add Custom Codes plugin <= 4.80 - Cross Site Request Forgery (CSRF) vulnerability — Add Custom Codes	6.5	Medium	2025-12-09
CVE-2025-62762	WordPress SMTP Mail plugin <= 1.3.51 - Cross Site Request Forgery (CSRF) vulnerability — SMTP Mail	4.3	Medium	2025-12-09
CVE-2025-62733	WordPress Custom Sidebars by ProteusThemes plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnerability — Custom Sidebars by ProteusThemes	8.1^AI	High^AI	2025-12-09

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751