CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-9627	Run Log <= 1.7.10 - Cross-Site Request Forgery to Settings Update — Run Log	4.3	Medium	2025-09-11
CVE-2025-9635	Analytics Reduce Bounce Rate <= 2.3 - Cross-Site Request Forgery — Analytics Reduce Bounce Rate	4.3	Medium	2025-09-11
CVE-2025-9634	Plugin updates blocker <= 0.2 - Cross-Site Request Forgery — Plugin updates blocker	4.3	Medium	2025-09-11
CVE-2025-9628	The integration of the AMO.CRM <= 1.0.1 - Cross-Site Request Forgery — The integration of the AMO.CRM	4.3	Medium	2025-09-11
CVE-2025-9631	AutoCatSet <= 2.1.4 - Cross-Site Request Forgery — AutoCatSet	4.3	Medium	2025-09-11
CVE-2025-8479	Zoho Flow <= 2.14.1 - Cross-Site Request Forgery — Zoho Flow – Integrate 100+ plugins with 1000+ business apps, no-code workflow automation	4.3	Medium	2025-09-11
CVE-2025-9622	WP Blast \| SEO & Performance Booster <= 1.8.6 - Cross-Site Request Forgery to Cache Clearing — WP Blast \| SEO & Performance Booster	4.3	Medium	2025-09-10
CVE-2025-9888	Maspik <= 2.5.6 - Cross-Site Request Forgery — Maspik – Ultimate Spam Protection	4.3	Medium	2025-09-10
CVE-2025-54256	Dreamweaver Desktop \| Cross-Site Request Forgery (CSRF) (CWE-352) — Dreamweaver Desktop	8.6	High	2025-09-09
CVE-2025-58975	WordPress Advanced Settings Plugin <= 3.1.1 - Cross Site Request Forgery (CSRF) Vulnerability — Advanced Settings	4.3	Medium	2025-09-09
CVE-2025-58991	WordPress WooCommerce Booking Bundle Hours Plugin <= 0.7.4 - Cross Site Request Forgery (CSRF) Vulnerability — WooCommerce Booking Bundle Hours	7.1	High	2025-09-09
CVE-2025-58997	WordPress Mow Theme <= 4.10 - Cross Site Request Forgery (CSRF) Vulnerability — Mow	9.6	Critical	2025-09-09
CVE-2025-55147	Ivanti多款产品跨站请求伪造漏洞 — Connect Secure	8.8	High	2025-09-09
CVE-2025-8711	Ivanti多款产品跨站请求伪造漏洞 — Connect Secure	5.4	Medium	2025-09-09
CVE-2025-42923	Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (F4044 Manage Work Center Groups) — SAP Fiori App (F4044 Manage Work Center Groups)	4.3	Medium	2025-09-09
CVE-2025-27003	WordPress Quick Paypal Payments Plugin <= 5.7.46 - Cross Site Request Forgery (CSRF) vulnerability — Quick Paypal Payments	4.3	Medium	2025-09-05
CVE-2025-48104	WordPress Floating Window Music Player plugin <= 3.4.2 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — Floating Window Music Player	7.1	High	2025-09-05
CVE-2025-58878	WordPress Woocommerce Gifts Product Plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability — Woocommerce Gifts Product	6.5	Medium	2025-09-05
CVE-2025-58869	WordPress SimaCookie Plugin <= 1.3.2 - Cross Site Request Forgery (CSRF) Vulnerability — SimaCookie	6.5	Medium	2025-09-05
CVE-2025-58865	WordPress Compact Admin plugin <= 1.3.3 - Cross Site Request Forgery (CSRF) vulnerability — Compact Admin	4.3	Medium	2025-09-05
CVE-2025-58861	WordPress Quick Event Calendar Plugin <= 1.4.9 - Cross Site Request Forgery (CSRF) Vulnerability — Quick Event Calendar	7.1	High	2025-09-05
CVE-2025-58860	WordPress Enable Latex Plugin <= 1.2.16 - Cross Site Request Forgery (CSRF) Vulnerability — Enable Latex	7.1	High	2025-09-05
CVE-2025-58859	WordPress Add to Feedly Plugin <= 1.2.11 - Cross Site Request Forgery (CSRF) Vulnerability — Add to Feedly	7.1	High	2025-09-05
CVE-2025-58856	WordPress Woocommerce Notify Updated Product Plugin <= 1.6 - Cross Site Request Forgery (CSRF) Vulnerability — Woocommerce Notify Updated Product	6.5	Medium	2025-09-05
CVE-2025-58854	WordPress Ultimate AJAX Login Plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) Vulnerability — Ultimate AJAX Login	7.1	High	2025-09-05
CVE-2025-58853	WordPress Popping Sidebars and Widgets Light Plugin <= 1.27 - Cross Site Request Forgery (CSRF) Vulnerability — Popping Sidebars and Widgets Light	7.1	High	2025-09-05
CVE-2025-58852	WordPress MSTW League Manager Plugin <= 2.10 - Cross Site Request Forgery (CSRF) Vulnerability — MSTW League Manager	7.1	High	2025-09-05
CVE-2025-58849	WordPress Hide Real Download Path Plugin <= 1.6 - Cross Site Request Forgery (CSRF) Vulnerability — Hide Real Download Path	7.1	High	2025-09-05
CVE-2025-58848	WordPress WP likes Plugin <= 3.1.1 - Cross Site Request Forgery (CSRF) Vulnerability — WP likes	7.1	High	2025-09-05
CVE-2025-58846	WordPress WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule Plugin <= 2020.1.0 - Cross Site Request Forgery (CSRF) Vulnerability — WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule	7.1	High	2025-09-05

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751