CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-48353	WordPress Clickbank WordPress Plugin (Niche Storefront) plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — Clickbank WordPress Plugin (Niche Storefront)	7.1	High	2025-08-28
CVE-2025-48351	WordPress Kento Splash Screen plugin <= 1.4 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — Kento Splash Screen	7.1	High	2025-08-28
CVE-2025-48343	WordPress WPMU Ldap Authentication plugin <= 5.0.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — WPMU Ldap Authentication	7.1	High	2025-08-28
CVE-2025-48325	WordPress WP Admin Theme plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — WP Admin Theme	7.1	High	2025-08-28
CVE-2025-48321	WordPress Ultimate twitter profile widget plugin <= 1.0 - CSRF to Stored XSS vulnerability — Ultimate twitter profile widget	7.1	High	2025-08-28
CVE-2025-48320	WordPress 百度分享按钮 plugin <= 1.0.6 - CSRF to Stored XSS vulnerability — 百度分享按钮	7.1	High	2025-08-28
CVE-2025-48318	WordPress 多说社会化评论框 plugin <= 1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — 多说社会化评论框	4.3	Medium	2025-08-28
CVE-2025-48311	WordPress Invisible Optin plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — Invisible Optin	7.1	High	2025-08-28
CVE-2025-48310	WordPress Table Editor plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) vulnerability — Table Editor	4.3	Medium	2025-08-28
CVE-2025-48309	WordPress BetPress plugin <= 1.0.1 Lite - CSRF to Stored XSS vulnerability — BetPress	7.1	High	2025-08-28
CVE-2025-48307	WordPress SEO For Images plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — SEO For Images	7.1	High	2025-08-28
CVE-2025-48308	WordPress Newsletter subscription optin module plugin <= 1.2.9 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — Newsletter subscription optin module	7.1	High	2025-08-28
CVE-2025-48306	WordPress Savyour Affiliate Partner plugin <= 2.1.4 - CSRF to Stored XSS vulnerability — Savyour Affiliate Partner	7.1	High	2025-08-28
CVE-2025-48304	WordPress Google XML News Sitemap plugin plugin <= 0.02 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — Google XML News Sitemap plugin	7.1	High	2025-08-28
CVE-2025-48109	WordPress XM-Backup plugin <= 0.9.1 - CSRF to Stored XSS vulnerability — XM-Backup	7.1	High	2025-08-28
CVE-2025-54541	Cross-Site Request Forgery in QuickCMS — QuickCMS	4.3^AI	Medium^AI	2025-08-28
CVE-2025-7812	Video Share VOD – Turnkey Video Site Builder Script <= 2.7.6 - Cross-Site Request Forgery to Command Injection — Video Share VOD – Turnkey Video Site Builder Script	8.8	High	2025-08-28
CVE-2025-58217	WordPress Instant Breaking News Plugin <= 1.0 - Cross Site Request Forgery (CSRF) Vulnerability — Instant Breaking News	7.1	High	2025-08-27
CVE-2025-58202	WordPress Simple Page Access Restriction Plugin <= 1.0.32 - Cross Site Request Forgery (CSRF) Vulnerability — Simple Page Access Restriction	4.3	Medium	2025-08-27
CVE-2025-49040	WordPress Backup Bolt plugin <= 1.5.0 - Cross Site Request Forgery (CSRF) vulnerability — Backup Bolt	4.3	Medium	2025-08-27
CVE-2025-48303	WordPress Post Type Converter plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability — Post Type Converter	4.3	Medium	2025-08-25
CVE-2025-7841	Sertifier Certificate & Badge Maker for WordPress – Tutor LMS <= 1.19 - Cross-Site Request Forgery to Settings Update — Sertifier Certificate & Badge Maker for WordPress – Tutor LMS	4.3	Medium	2025-08-23
CVE-2025-7839	Restore Permanently delete Post or Page Data <= 1.0 - Cross-Site Request Forgery — Restore Permanently delete Post or Page Data	4.3	Medium	2025-08-23
CVE-2025-7842	Silencesoft RSS Reader <= 0.6 - Cross-Site Request Forgery to RSS Feed Deletion — Silencesoft RSS Reader	4.3	Medium	2025-08-23
CVE-2025-57895	WordPress JobWP Plugin <= 2.4.3 - Cross Site Request Forgery (CSRF) Vulnerability — JobWP	4.3	Medium	2025-08-22
CVE-2025-57893	WordPress WP Fast Total Search Plugin <= 1.79.270 - Cross Site Request Forgery (CSRF) Vulnerability — WP Fast Total Search	4.3	Medium	2025-08-22
CVE-2025-57892	WordPress Simple Statistics for Feeds Plugin <= 20250322 - Cross Site Request Forgery (CSRF) Vulnerability — Simple Statistics for Feeds	4.3	Medium	2025-08-22
CVE-2025-57885	WordPress Fluent Support Plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) Vulnerability — Fluent Support	4.3	Medium	2025-08-22
CVE-2025-55744	UnoPim vulnerable to CSRF on Product edit feature and creation of other types — unopim	8.8^AI	High^AI	2025-08-21
CVE-2025-8592	Inspiro <= 2.1.2 - Cross-Site Request Forgery to Arbitrary Plugin Installation — Inspiro	8.1	High	2025-08-21

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751