Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-12901 Asgaros Forum <= 3.2.1 - Cross-Site Request Forgery to Subscription Settings Update — Asgaros Forum 4.3 Medium2025-11-12
CVE-2025-12590 YSlider <= 1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting — YSlider 6.1 Medium2025-11-11
CVE-2025-12588 USB Qr Code Scanner For Woocommerce <= 1.0.0 - Cross-Site Request Forgery to Settings Update — USB Qr Code Scanner For Woocommerce 4.3 Medium2025-11-11
CVE-2025-12132 WP Custom Admin Login Page Logo <= 1.4.8.4 - Cross-Site Request Forgery to Settings Update — WP Custom Admin Login Page Logo 4.3 Medium2025-11-11
CVE-2025-12589 WP-Walla <= 0.5.3.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting — WP-Walla 6.1 Medium2025-11-11
CVE-2025-11886 CTL Arcade Lite <= 1.0 - Cross-Site Request Forgery to Plugin Activation and Deactivation — CTL Arcade Lite 4.3 Medium2025-11-11
CVE-2025-58469 QuLog Center — QuLog Center 8.8 -2025-11-07
CVE-2025-62950 WordPress Contest Gallery plugin <= 28.0.0 - Cross Site Request Forgery (CSRF) vulnerability — Contest Gallery 4.3 Medium2025-11-06
CVE-2025-53316 WordPress WP GDPR Cookie Consent plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability — WP GDPR Cookie Consent 7.1 High2025-11-06
CVE-2025-48085 WordPress Simple Stripe plugin <= 0.9.17 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — Simple Stripe 7.1 High2025-11-06
CVE-2025-48083 WordPress wpNamedUsers plugin <= 0.5 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — wpNamedUsers 7.1 High2025-11-06
CVE-2025-48078 WordPress Slick Google Map plugin <= 0.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — Slick Google Map 7.1 High2025-11-06
CVE-2025-48077 WordPress Block Country plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — Block Country 7.1 High2025-11-06
CVE-2025-10691 Easy Email Subscription <= 1.3 - Cross-Site Request Forgery to Arbitrary Subscriber Deletion — Easy Email Subscription 4.3 Medium2025-11-06
CVE-2025-12403 Associados Amazon Plugin <= 0.8 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Associados Amazon Plugin 6.1 Medium2025-11-04
CVE-2025-12452 Visit Counter 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Visit Counter 6.1 Medium2025-11-04
CVE-2025-12402 LinkedIn Resume <= 2.00 - Cross-Site Request Forgery to Stored Cross-Site Scripting — LinkedIn Resume 6.1 Medium2025-11-04
CVE-2025-12415 MapMap <= 1.1 - Cross-Site Request Forgery to Settings Update and Stored Cross-Site Scripting — MapMap 6.1 Medium2025-11-04
CVE-2025-12456 Centangle Team Showcase <= 1.0.0 - Cross-Site Request Forgery To Plugin's Settings Modification And Stored Cross-Site Scripting — Centangle-Team 6.1 Medium2025-11-04
CVE-2025-12400 LMB^Box Smileys <= 3.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting — LMB^Box Smileys 6.1 Medium2025-11-04
CVE-2025-12410 SH Contextual Help <= 3.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting — SH Contextual Help 6.1 Medium2025-11-04
CVE-2025-12413 Social Media WPCF7 Stop Words <= 1.1.3 - Cross-Site Request Forgery to Settings Update — WPCF7 Stop words 5.4 Medium2025-11-04
CVE-2025-12416 Pagerank Tools <= 1.1.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Pagerank tools 6.1 Medium2025-11-04
CVE-2025-12412 Top Bar Notification <= 1.12 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Top Bar Notification 6.1 Medium2025-11-04
CVE-2025-12188 Posts Navigation Links for Sections and Headings - Free by WP Masters <= 1.0.1 - Cross-Site Request Forgery to Settings Update — Posts Navigation Links for Sections and Headings – Free by WP Masters 4.3 Medium2025-11-04
CVE-2025-12069 WP Global Screen Options <= 0.2 - Cross-Site Request Forgery to Screen Options Update — WP Global Screen Options 4.3 Medium2025-11-04
CVE-2025-12401 Label Plugins <= 0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Label Plugins 6.1 Medium2025-11-04
CVE-2025-12070 ViaAds <= 2.1.2 - Cross-Site Request Forgery to API Key Update — ViaAds 4.3 Medium2025-11-04
CVE-2025-64368 WordPress Bard theme <= 1.6 - Cross Site Request Forgery (CSRF) vulnerability — Bard 5.4 Medium2025-10-31
CVE-2025-64357 WordPress Advanced Database Cleaner plugin <= 3.1.6 - Cross Site Request Forgery (CSRF) vulnerability — Advanced Database Cleaner 4.3 Medium2025-10-31

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.