CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-24674 | Genie WP Favicon <= 0.5.2 - Arbitrary Favicon Change via CSRF — Genie WP Favicon | 6.5 | - | 2021-11-08 |
| CVE-2021-34773 | Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability — Cisco Unified Communications Manager | 6.5 | Medium | 2021-11-04 |
| CVE-2021-24809 | BP Better Messages < 1.9.9.41 - Multiple CSRF — BP Better Messages | 8.8 | - | 2021-11-01 |
| CVE-2021-24799 | Far Future Expiry Header < 1.5 - Plugin's Settings Update via CSRF — Far Future Expiry Header | 4.3 | - | 2021-11-01 |
| CVE-2021-24685 | Flat Preloader < 1.5.4 - CSRF to Stored Cross-Site Scripting — Flat Preloader | 5.4 | - | 2021-11-01 |
| CVE-2021-24572 | Paypal Donation < 1.3.1 - CSRF to Arbitrary Post Deletion — Accept Donations with PayPal | 4.3 | - | 2021-11-01 |
| CVE-2021-24570 | Paypal Donation < 1.3.1 - CSRF to Stored Cross-Site Scripting — Accept Donations with PayPal | 4.7 | - | 2021-11-01 |
| CVE-2020-36505 | Delete All Comments Easily <= 1.3 - All Comments Deletion via CSRF — Delete All Comments Easily | 4.3 | - | 2021-11-01 |
| CVE-2020-36504 | WP-Pro-Quiz <= 0.37 - Arbitrary Quiz Deletion via CSRF — Wp-Pro-Quiz | 6.5 | - | 2021-11-01 |
| CVE-2015-10001 | WP-Stats < 2.5.2 - CSRF to Stored Cross-Site Scripting (XSS) — WP-Stats | 4.3 | - | 2021-11-01 |
| CVE-2021-3901 | Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii — firefly-iii/firefly-iii | 4.3 | - | 2021-10-27 |
| CVE-2021-3900 | Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii — firefly-iii/firefly-iii | 4.3 | - | 2021-10-27 |
| CVE-2021-41176 | logout CSRF in Pterodactyl Panel — panel | 4.3 | Medium | 2021-10-25 |
| CVE-2021-24543 | jQuery Reply to Comment <= 1.31 - CSRF to Stored Cross-Site Scripting — jQuery Reply to Comment | 6.1 | - | 2021-10-25 |
| CVE-2021-24487 | St Daily Tip <= 4.7 - CSRF to Stored Cross-Site Scripting — St-Daily-Tip | 5.4 | - | 2021-10-25 |
| CVE-2021-34743 | Cisco Webex Software Application Authorization Bypass Vulnerability — Cisco Webex Meetings | 4.3 | Medium | 2021-10-21 |
| CVE-2021-3858 | Cross-Site Request Forgery (CSRF) in snipe/snipe-it — snipe/snipe-it | 4.3 | - | 2021-10-19 |
| CVE-2021-38480 | InHand Networks IR615 Router — IR615 Router | 9.6 | Critical | 2021-10-19 |
| CVE-2021-24735 | Compact WP Audio Player < 1.9.7 - Setting Change via CSRF — Compact WP Audio Player | 6.5 | - | 2021-10-18 |
| CVE-2021-24675 | One User Avatar < 2.3.7 - Avatar Update via CSRF — One User Avatar \| User Profile Picture | 6.5 | - | 2021-10-18 |
| CVE-2021-24642 | Scroll Baner <= 1.0 - CSRF to RCE — Scroll Baner | 6.5 | - | 2021-10-18 |
| CVE-2021-24615 | Wechat Reward <= 1.7 - CSRF to Stored Cross-Site Scripting — 微信打赏(Wechat Reward) | 5.4 | - | 2021-10-18 |
| CVE-2021-24595 | WP Cookie Choice <= 1.1.0 - CSRF to Stored Cross-Site Scripting — Wp Cookie Choice | 6.5 | - | 2021-10-18 |
| CVE-2021-39864 | Adobe Commerce Cross-Site Request Forgery (CSRF) Could Lead To Unauthorized Cart Addition — Magento Commerce | 6.5 | Medium | 2021-10-15 |
| CVE-2021-24711 | Software License Manager < 4.5.1 - Arbitrary Domain Deletion via CSRF — Software License Manager | 8.8 | - | 2021-10-11 |
| CVE-2021-24683 | Weather Effect < 1.3.4 - CSRF to Stored Cross-Site Scripting — Weather Effect – Christmas Santa Snow Falling | 5.4 | - | 2021-10-11 |
| CVE-2021-41113 | Cross-Site-Request-Forgery in Backend URI Handling in Typo3 — typo3 | 8.8 | High | 2021-10-05 |
| CVE-2021-36850 | WordPress Media File Renamer – Auto & Manual Rename plugin <= 5.1.9 - Cross-Site Request Forgery (CSRF) vulnerability — Media File Renamer – Auto & Manual Rename (WordPress plugin) | 5.4 | Medium | 2021-10-04 |
| CVE-2021-41295 | ECOA BAS controller - Cross-Site Request Forgery (CSRF) — ECS Router Controller ECS (FLASH) | 8.8 | High | 2021-09-30 |
| CVE-2021-34636 | Countdown and CountUp, WooCommerce Sales Timer <= 1.5.7 Cross-Site Request Forgery to Stored Cross-Site Scripting — Countdown and CountUp, WooCommerce Sales Timers | 8.8 | High | 2021-09-28 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.