CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-9621	WidgetPack Comment System <= 1.6.1 - Cross-Site Request Forgery — WidgetPack Comment System	4.3	Medium	2025-10-11
CVE-2025-61930	Emlog Pro has CSRF issue that Enables Admin Password Reset — emlog	8.1	High	2025-10-10
CVE-2025-62245	Liferay Portal和Liferay DXP 跨站请求伪造漏洞 — Portal	4.3^AI	Medium^AI	2025-10-10
CVE-2025-11166	WP Go Maps (formerly WP Google Maps) <= 9.0.46 - Cross-Site Request Forgery to Plugin Settings Update — WP Go Maps (formerly WP Google Maps)	5.4	Medium	2025-10-09
CVE-2025-11442	JhumanJ OpnForm API Endpoint cross-site request forgery — OpnForm	4.3	Medium	2025-10-08
CVE-2025-9886	Trinity Audio <= 5.20.2 - Cross-Site Request Forgery — Trinity Audio – Text to Speech AI audio player to convert content into audio	4.3	Medium	2025-10-04
CVE-2025-10302	Ultimate Viral Quiz <= 1.0 - Cross-Site Request Forgery to Settings Update — Ultimate Viral Quiz	4.3	Medium	2025-10-03
CVE-2025-9897	AP Background <= 3.8.2 - Cross-Site Request Forgery — AP Background	4.3	Medium	2025-10-03
CVE-2025-9895	Notification Bar <= 2.2 - Cross-Site Request Forgery — Notification Bar	4.3	Medium	2025-10-03
CVE-2025-9630	WP SinoType <= 1.0 - Cross-Site Request Forgery — WP SinoType	4.3	Medium	2025-10-03
CVE-2025-9889	ContentMX Content Publisher <= 1.0.6 - Cross-Site Request Forgery — ContentMX Content Publisher	4.3	Medium	2025-10-03
CVE-2025-8669	Customify <= 0.4.11 - Cross-Site Request Forgery — Customify	4.3	Medium	2025-10-03
CVE-2025-9892	Restrict User Registration <= 1.0.1 - Cross-Site Request Forgery to Settings Update — Restrict User Registration	5.3	Medium	2025-10-03
CVE-2025-10309	PayPal Forms <= 1.0.3 - Cross-Site Request Forgery — PayPal Forms	4.3	Medium	2025-10-03
CVE-2025-9945	Optimize More! – CSS <= 1.0.3 - Cross-Site Request Forgery to Plugin Settings Reset — Optimize More! – CSS	4.3	Medium	2025-10-03
CVE-2025-9884	Mobile Site Redirect <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Mobile Site Redirect	6.1	Medium	2025-10-03
CVE-2025-9885	MPWizard – Create Mercado Pago Payment Links <= 1.2.1 - Cross-Site Request Forgery to Arbitrary Post Deletion — MPWizard – Create Mercado Pago Payment Links	4.3	Medium	2025-10-03
CVE-2025-10311	Comment Info Detector <= 1.0.5 - Cross-Site Request Forgery to Settings Update — Comment Info Detector	4.3	Medium	2025-10-03
CVE-2025-9213	TextBuilder 1.0.0 - 1.1.1 - Cross-Site Request Forgery to Privilege Escalation via Account Takeover — TextBuilder	8.8	High	2025-10-03
CVE-2025-61604	WeGIA: Cross-Site Request Forgery (CSRF) Vulnerability in `control.php` Endpoint — WeGIA	6.5	-	2025-10-02
CVE-2025-54286	CSRF Vulnerability When Using Client Certificate Authentication with the LXD-UI — LXD	8.8^AI	High^AI	2025-10-02
CVE-2025-8119	Cross-Site Request Forgery in PAD CMS — PAD CMS	6.5^AI	Medium^AI	2025-09-30
CVE-2025-7052	LatePoint <= 5.1.94 - Cross-Site Request Forgery to Account Takeover via change_password() Function — LatePoint – Calendar Booking Plugin for Appointments and Events	8.8	High	2025-09-30
CVE-2025-9946	LockerPress – WordPress Security Plugin <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting — LockerPress – WordPress Security Plugin	6.1	Medium	2025-09-30
CVE-2025-9948	Chat by Chatwee <= 2.1.3 - Cross-Site Request Forgery to Settings Update — Chat by Chatwee	4.3	Medium	2025-09-30
CVE-2025-35030	Medical Informatics Engineering Enterprise Health cross site request forgery — Enterprise Health	8.1	High	2025-09-29
CVE-2025-9893	VM Menu Reorder plugin <= 1.0.0 - Cross-Site Request Forgery to Settings Update — VM Menu Reorder plugin	4.3	Medium	2025-09-27
CVE-2025-9944	Professional Contact Form <= 1.0.0 - Cross-Site Request Forgery to Test Email Sending — Professional Contact Form	4.3	Medium	2025-09-27
CVE-2025-9898	cForms – Light speed fast Form Builder <= 3.0.0 - Cross-Site Request Forgery — cForms – Light speed fast Form Builder	4.3	Medium	2025-09-27
CVE-2025-9899	Trust Reviews plugin for Google, Tripadvisor, Yelp, Airbnb and other platforms <= 1.0 - Cross-Site Request Forgery — Trust Reviews plugin for Google, Tripadvisor, Yelp, Airbnb and other platforms	6.1	Medium	2025-09-27

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751