CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-34633 | Youtube Feeder <= 2.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Youtube Feeder | 8.8 | High | 2021-08-05 |
| CVE-2021-34634 | Nifty Newsletters <= 4.0.23 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Nifty Newsletters | 8.8 | High | 2021-08-05 |
| CVE-2021-34631 | NewsPlugin <= 1.0.18 - Cross-Site Request Forgery to Stored Cross-Site Scripting — NewsPlugin | 8.8 | High | 2021-08-05 |
| CVE-2021-23849 | Cross Site Request Forgery (CSRF) vulnerability in web based management interface — CPP Firmware | 7.5 | High | 2021-08-05 |
| CVE-2021-34632 | SEO Backlinks <= 4.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting — SEO Backlinks | 8.8 | High | 2021-08-02 |
| CVE-2021-34628 | Admin Custom Login <= 3.2.7 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Admin Custom Login | 8.8 | High | 2021-08-02 |
| CVE-2021-34637 | Post Index <= 0.7.5 Cross-Site Request Forgery to Stored Cross-Site Scripting — Post Index | 8.8 | High | 2021-08-02 |
| CVE-2021-32776 | No CSRF form token cleanup on Windows servers — iTop | 6.8 | Medium | 2021-07-21 |
| CVE-2021-21407 | Portal : the CSRF token isn't validated — iTop | 8.0 | High | 2021-07-21 |
| CVE-2021-34619 | Cross-Site Request Forgery in WooCommerce Stock Manager WordPress Plugin — WooCommerce Stock Manager | 8.8 | High | 2021-07-21 |
| CVE-2021-32774 | Cross-Site Request Forgery (CSRF) in DataDump — DataDump | 6.1 | Medium | 2021-07-20 |
| CVE-2021-34620 | CSRF in WP Fluent Forms < 3.6.67 allows stored XSS and Privilege Escalation — WP Fluent Forms | 8.8 | - | 2021-07-07 |
| CVE-2021-32730 | No CSRF protection on the password change form — xwiki-platform | 5.7 | Medium | 2021-07-01 |
| CVE-2021-32677 | Cross-Site Request Forgery (CSRF) in FastAPI — fastapi | 8.2 | High | 2021-06-09 |
| CVE-2020-10771 | Red Hat Data Grid Cross-Site Request Forgery Vulnerability — Infinispan | 8.3 | - | 2021-06-02 |
| CVE-2021-24328 | WP Login Security and History <= 1.0 - CSRF to Stored Cross-Site Scripting (XSS) — WP Login Security and History | 6.5 | - | 2021-06-01 |
| CVE-2021-24333 | Content Copy Protection & Prevent Image Save <= 1.3 - CSRF to Stored Cross-Site Scripting (XSS) — Content Copy Protection & Prevent Image Save | 7.1 | - | 2021-06-01 |
| CVE-2021-21549 | Dell EMC XtremIO Cross-Site Request Forgery Vulnerability — XtremIO | 8.8 | High | 2021-05-21 |
| CVE-2021-32632 | CSRF allowing modification of commands, modules, banphrases through hidden iFrames — pajbot | 2.4 | Low | 2021-05-20 |
| CVE-2021-24324 | 404 SEO Redirection <= 1.3 - CSRF to Stored Cross-Site Scripting (XSS) — 404 SEO Redirection | 6.5 | - | 2021-05-17 |
| CVE-2021-24249 | Business Directory Plugin < 5.11.2 - Arbitrary Listing Export — Business Directory Plugin – Easy Listing Directories for WordPress | 6.5 | - | 2021-05-05 |
| CVE-2021-24251 | Business Directory Plugin < 5.11.2 - Arbitrary Payment History Update — Business Directory Plugin – Easy Listing Directories for WordPress | 4.3 | - | 2021-05-05 |
| CVE-2021-24178 | Business Directory Plugin < 5.11.1 - Arbitrary Add/Edit/Delete Form Field to Stored XSS — Business Directory Plugin – Easy Listing Directories for WordPress | 8.1 | - | 2021-05-05 |
| CVE-2021-24179 | Business Directory Plugin < 5.11 - Arbitrary File Upload to RCE — Business Directory Plugin – Easy Listing Directories for WordPress | 8.8 | - | 2021-05-05 |
| CVE-2021-24272 | Fitness Calculators < 1.9.6 - Cross-Site Request Forgery to Cross-Site Scripting (XSS) — fitness calculators | 4.3 | - | 2021-05-05 |
| CVE-2021-29436 | Cross site request forgery vulnerability — timetracker | 5.4 | Medium | 2021-04-13 |
| CVE-2021-29435 | Cross-Site Request Forgery (CSRF) in trestle-auth — trestle-auth | 8.1 | High | 2021-04-13 |
| CVE-2021-24231 | Patreon WordPress < 1.7.0 - CSRF to Disconnect Sites From Patreon — Patreon WordPress | 6.5 | - | 2021-04-12 |
| CVE-2021-24230 | Patreon WordPress < 1.7.0 - CSRF to Overwrite/Create User Meta — Patreon WordPress | 6.5 | - | 2021-04-12 |
| CVE-2021-24218 | Facebook for WordPress 3.0.0-3.0.3 - CSRF to Stored XSS and Settings Deletion — Facebook for WordPress | 8.8 | - | 2021-04-12 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.