CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-5928	WP Sliding Login/Dashboard Panel <= 2.1.1 - Cross-Site Request Forgery to Settings Update — WP Sliding Login/Dashboard Panel	4.3	Medium	2025-06-13
CVE-2025-5938	Digital Marketing and Agency Templates Addons for Elementor <= 1.1.1 - Cross-Site Request Forgery to Import — Digital Marketing and Agency Templates Addons for Elementor	5.3	Medium	2025-06-13
CVE-2025-5930	WP2HTML <= 1.0.2 - Cross-Site Request Forgery to Settings Update — WP2HTML	4.3	Medium	2025-06-13
CVE-2025-5926	Link Shield <= 0.5.4 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Link Shield	6.1	Medium	2025-06-13
CVE-2025-6001	VirtueMart - Cross Site Request Forgery (CSRF) — VirtueMart	8.3	High	2025-06-11
CVE-2025-41661	Weidmueller: Security routers IE-SR-2TX are affected by CSRF — IE-SR-2TX-WL	8.8	High	2025-06-11
CVE-2025-36576	Dell Wyse Management Suite WMS 跨站请求伪造漏洞 — Wyse Management Suite	2.7	Low	2025-06-10
CVE-2025-49510	WordPress Min Max Step Quantity Limits Manager for WooCommerce plugin <= 5.1.0 - Cross Site Request Forgery (CSRF) vulnerability — Min Max Step Quantity Limits Manager for WooCommerce	4.3	Medium	2025-06-10
CVE-2025-49511	WordPress Civi Framework plugin <= 2.1.6 - Cross Site Request Forgery (CSRF) to User Deactivation vulnerability — Civi Framework	7.1	High	2025-06-10
CVE-2025-5925	Bunny’s Print CSS <= 0.95 - Cross-Site Request Forgery to Settings Update — Bunny’s Print CSS	4.3	Medium	2025-06-10
CVE-2025-5900	Tenda AC9 cross-site request forgery — AC9	4.3	Medium	2025-06-09
CVE-2025-5888	jsnjfz WebStack-Guns cross-site request forgery — WebStack-Guns	4.3	Medium	2025-06-09
CVE-2025-5885	Konica Minolta bizhub cross-site request forgery — bizhub	4.3	Medium	2025-06-09
CVE-2025-5766	code-projects Laundry System cross-site request forgery — Laundry System	4.3	Medium	2025-06-06
CVE-2025-49425	WordPress Konami Easter Egg plugin <= v0.4 - Cross Site Request Forgery (CSRF) Vulnerability — Konami Easter Egg	7.1	High	2025-06-06
CVE-2025-49435	WordPress Wp Easy Allopass plugin <= 4.1.1 - Cross Site Request Forgery (CSRF) Vulnerability — Wp Easy Allopass	4.3	Medium	2025-06-06
CVE-2025-49440	WordPress WP Security Master plugin <= 1.0.2 - Cross Site Request Forgery (CSRF) Vulnerability — WP Security Master	4.3	Medium	2025-06-06
CVE-2025-49439	WordPress Atelier Create CV plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Atelier Create CV	4.3	Medium	2025-06-06
CVE-2025-49445	WordPress Interactive UK Regional Map plugin <= 2.0 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Interactive UK Regional Map	4.3	Medium	2025-06-06
CVE-2025-49449	WordPress Interactive Regional Map of Africa plugin <= 1.0 - Cross Site Request Forgery (CSRF) Vulnerability — Interactive Regional Map of Africa	4.3	Medium	2025-06-06
CVE-2025-49446	WordPress Admin Notes plugin <=1.1 - Cross Site Request Forgery (CSRF) Vulnerability — Admin Notes	4.3	Medium	2025-06-06
CVE-2025-49453	WordPress BP Profile as Homepage plugin <= 1.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — BP Profile as Homepage	7.1	High	2025-06-06
CVE-2025-24772	WordPress Pay with Contact Form 7 plugin <= 1.0.4 - Cross Site Request Forgery (CSRF) Vulnerability — Pay with Contact Form 7	5.4	Medium	2025-06-06
CVE-2025-26593	WordPress FastBook plugin <= 1.1 - Cross Site Request Forgery (CSRF) Vulnerability — FastBook	4.3	Medium	2025-06-06
CVE-2025-27359	WordPress WP Media File Type Manager plugin <= 2.3.2 - Cross Site Request Forgery (CSRF) vulnerability — WP Media File Type Manager	4.3	Medium	2025-06-06
CVE-2025-27360	WordPress Quick Event Calendar plugin <= 1.4.9 - Cross Site Request Forgery (CSRF) Vulnerability — Quick Event Calendar	4.3	Medium	2025-06-06
CVE-2025-28948	WordPress Mediabay - WordPress Media Library Folders plugin <= 1.4 - CSRF to Reflected XSS vulnerability — Mediabay - WordPress Media Library Folders	7.1	High	2025-06-06
CVE-2025-28952	WordPress CubePoints plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) Vulnerability — CubePoints	4.3	Medium	2025-06-06
CVE-2025-28950	WordPress Post Author plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) Vulnerability — Post Author	7.1	High	2025-06-06
CVE-2025-28958	WordPress Bg Orthodox Calendar plugin <= 0.13.10 - CSRF to Stored XSS vulnerability — Bg Orthodox Calendar	7.1	High	2025-06-06

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751