CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-28954	WordPress Backwp plugin <= 2.0.2 - CSRF to Arbitrary File Deletion vulnerability — Backwp	7.4	High	2025-06-06
CVE-2025-28964	WordPress Personal Favicon plugin <= 2.0 - CSRF to Stored XSS vulnerability — Personal Favicon	7.1	High	2025-06-06
CVE-2025-28966	WordPress Recent Posts Slider Responsive plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) vulnerability — Recent Posts Slider Responsive	7.1	High	2025-06-06
CVE-2025-28974	WordPress Free WP Mail SMTP plugin <= 1.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — Free WP Mail SMTP	7.1	High	2025-06-06
CVE-2025-28981	WordPress WP Mail Options plugin <= 0.2.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — WP Mail Options	7.1	High	2025-06-06
CVE-2025-28986	WordPress Epicwin Plugin plugin <= 1.5 - CSRF to SQL Injection vulnerability — Epicwin Plugin	8.2	High	2025-06-06
CVE-2025-28984	WordPress Subscription Renewal Reminders for WooCommerce plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability — Subscription Renewal Reminders for WooCommerce	4.3	Medium	2025-06-06
CVE-2025-29005	WordPress HR Management Lite plugin <= 3.6 - Cross Site Request Forgery (CSRF) vulnerability — HR Management Lite	4.3	Medium	2025-06-06
CVE-2025-30629	WordPress Bitly URL Shortener plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability — Bitly URL Shortener	4.3	Medium	2025-06-06
CVE-2025-30632	WordPress Global Translator plugin <= 2.0.2 - Cross Site Request Forgery (CSRF) Vulnerability — Global Translator	5.4	Medium	2025-06-06
CVE-2025-30946	WordPress Custom Bulk/Quick Edit plugin <= 1.6.10 - Cross Site Request Forgery (CSRF) Vulnerability — Custom Bulk/Quick Edit	4.3	Medium	2025-06-06
CVE-2025-30948	WordPress Layouts for Elementor plugin <= 1.11 - Cross Site Request Forgery (CSRF) Vulnerability — Layouts for Elementor	4.3	Medium	2025-06-06
CVE-2025-30956	WordPress Booqable Rental plugin <= 2.4.25 - Cross Site Request Forgery (CSRF) vulnerability — Booqable Rental	4.3	Medium	2025-06-06
CVE-2025-30968	WordPress Advanced Post List plugin <= 0.5.6.2 - Cross Site Request Forgery (CSRF) Vulnerability — Advanced Post List	5.4	Medium	2025-06-06
CVE-2025-30980	WordPress Simple Keyword to Link plugin <= 1.5 - Cross Site Request Forgery (CSRF) Vulnerability — Simple Keyword to Link	4.3	Medium	2025-06-06
CVE-2025-30986	WordPress Elite Video Player plugin <= 10.0.5 - Cross Site Request Forgery (CSRF) Vulnerability — Elite Video Player	5.4	Medium	2025-06-06
CVE-2025-30981	WordPress WP-Recall plugin <= 16.26.14 - CSRF to Privilege Escalation vulnerability — WP-Recall	6.3	Medium	2025-06-06
CVE-2025-30994	WordPress CubeWP plugin <= 1.1.29 - Cross Site Request Forgery (CSRF) vulnerability — CubeWP	4.3	Medium	2025-06-06
CVE-2025-30995	WordPress Widgetize Pages Light plugin <= 3.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability — Widgetize Pages Light	7.1	High	2025-06-06
CVE-2025-49332	WordPress WP Time Slots Booking Form plugin <= 1.2.30 - Cross Site Request Forgery (CSRF) Vulnerability — WP Time Slots Booking Form	4.3	Medium	2025-06-06
CVE-2025-49317	WordPress WP Page Loading plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) Vulnerability — WP Page Loading	4.3	Medium	2025-06-06
CVE-2025-49291	WordPress Calculated Fields Form plugin <= 5.3.58 - Cross Site Request Forgery (CSRF) Vulnerability — Calculated Fields Form	4.3	Medium	2025-06-06
CVE-2025-49286	WordPress WP Table Builder plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) Vulnerability — WP Table Builder	4.3	Medium	2025-06-06
CVE-2025-49285	WordPress WP Cookie Notice for GDPR, CCPA & ePrivacy Consent plugin <= 3.8.0 - Cross Site Request Forgery (CSRF) Vulnerability — WP Cookie Notice for GDPR, CCPA & ePrivacy Consent	4.3	Medium	2025-06-06
CVE-2025-49284	WordPress WP Maintenance Mode & Site Under Construction plugin <= 4.3 - Cross Site Request Forgery (CSRF) Vulnerability — WP Maintenance Mode & Site Under Construction	4.3	Medium	2025-06-06
CVE-2025-49283	WordPress Anti-spam, Spam protection, ReCaptcha for all forms and GDPR-compliant plugin <= 4.1.1 - Cross Site Request Forgery (CSRF) Vulnerability — Anti-spam, Spam protection, ReCaptcha for all forms and GDPR-compliant	4.3	Medium	2025-06-06
CVE-2025-49273	WordPress WP Tools plugin <= 5.24 - Cross Site Request Forgery (CSRF) Vulnerability — WP Tools	4.3	Medium	2025-06-06
CVE-2025-49269	WordPress Market Exporter plugin <= 2.0.22 - Cross Site Request Forgery (CSRF) Vulnerability — Market Exporter	4.3	Medium	2025-06-06
CVE-2025-49239	WordPress Print Invoice & Delivery Notes for WooCommerce plugin <= 5.5.0 - Cross Site Request Forgery (CSRF) Vulnerability — Print Invoice & Delivery Notes for WooCommerce	5.4	Medium	2025-06-06
CVE-2025-49238	WordPress Everest Backup plugin <= 2.3.3 - Cross Site Request Forgery (CSRF) Vulnerability — Everest Backup	4.3	Medium	2025-06-06

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751