CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-49237 | WordPress POEditor plugin <= 0.9.10 - CSRF to Arbitrary File Deletion vulnerability — POEditor | 7.4 | High | 2025-06-06 |
| CVE-2025-48328 | WordPress Real Time Validation for Gravity Forms plugin <= 1.7.0 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Real Time Validation for Gravity Forms | 4.3 | Medium | 2025-06-06 |
| CVE-2025-49077 | WordPress Dynamic Pricing and Discount Rules plugin <= 2.2.9 - Cross Site Request Forgery (CSRF) vulnerability — Dynamic Pricing and Discount Rules | 4.3 | Medium | 2025-06-06 |
| CVE-2025-5732 | code-projects Traffic Offense Reporting System cross-site request forgery — Traffic Offense Reporting System | 4.3 | Medium | 2025-06-06 |
| CVE-2025-2935 | Anti-Spam: Spam Protection \| Block Spam Users, Comments, Forms <= 2024.7 - Cross-Site Request Forgery to Multiple Administrative Actions — Stop Spammers Classic | 5.4 | Medium | 2025-06-06 |
| CVE-2025-4966 | WP Online Users Stats <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting via hk_dataset_results Function — WP Online Users Stats | 6.1 | Medium | 2025-06-06 |
| CVE-2025-5019 | Hive Support <= 1.2.5 - Cross-Site Request Forgery via hs_update_ai_chat_settings Function — Hive Support \| AI-Powered Help Desk, Live Chat and Chatbot | 5.4 | Medium | 2025-06-06 |
| CVE-2025-36513 | i-PRO surveillance cameras cross-site request forgery vulnerability — Surveillance cameras provided by i-PRO Co., Ltd. | 8.8 (AI) | High (AI) | 2025-06-06 |
| CVE-2025-46257 | WordPress Element Pack Pro Plugin < 8.0.0 - Cross Site Request Forgery (CSRF) vulnerability — Element Pack Pro | 4.3 | Medium | 2025-06-05 |
| CVE-2025-31482 | FreshRSS vulnerable to DoS by malicious feed entry loading logout URL — FreshRSS | 4.3 | Medium | 2025-06-04 |
| CVE-2025-5521 | WuKongOpenSource WukongCRM updataPassword cross-site request forgery — WukongCRM | 4.3 | Medium | 2025-06-03 |
| CVE-2025-49069 | WordPress Contact Forms by Cimatti plugin <= 1.9.8 - Cross Site Request Forgery (CSRF) vulnerability — Contact Forms by Cimatti | 4.3 | Medium | 2025-06-02 |
| CVE-2025-5410 | Mist Community Edition middleware.py session_start_response cross-site request forgery — Community Edition | 4.3 | Medium | 2025-06-01 |
| CVE-2025-48885 | application-urlshortener users can create arbitrary pages as long as they have view access to them — application-urlshortener | 4.3 (AI) | Medium (AI) | 2025-05-30 |
| CVE-2025-5142 | Simple Page Access Restriction <= 1.0.31 - Cross-Site Request Forgery via Multiple Parameters — Simple Page Access Restriction | 6.5 | Medium | 2025-05-30 |
| CVE-2025-26211 | Gibbon cross-site request forgery vulnerability — Gibbon | 3.7 | Low | 2025-05-27 |
| CVE-2025-5185 | Summer Pearl Group Vacation Rental Management Platform cross-site request forgery — Vacation Rental Management Platform | 4.3 | Medium | 2025-05-26 |
| CVE-2025-5132 | Tmall Demo logout cross-site request forgery — Demo | 4.3 | Medium | 2025-05-24 |
| CVE-2025-46458 | WordPress occupancyplan plugin <= 1.0.3.0 - CSRF to SQL Injection vulnerability — occupancyplan | 8.2 | High | 2025-05-23 |
| CVE-2025-48740 | StrangeBee TheHive cross-site request forgery vulnerability — TheHive | 8.8 (AI) | High (AI) | 2025-05-23 |
| CVE-2025-5033 | XiaoBingby TeaCMS addUser cross-site request forgery — TeaCMS | 4.3 | Medium | 2025-05-21 |
| CVE-2025-48340 | WordPress User Profile Meta Manager plugin <= 1.02 - CSRF to Privilege Escalation vulnerability — User Profile Meta Manager | 9.8 | Critical | 2025-05-19 |
| CVE-2025-43835 | WordPress wp-cyr-cho plugin <= 0.1 - Cross Site Request Forgery (CSRF) vulnerability — wp-cyr-cho | 4.3 | Medium | 2025-05-19 |
| CVE-2025-43840 | WordPress CheckBot plugin <= 1.05 - CSRF to Stored XSS vulnerability — CheckBot | 7.1 | High | 2025-05-19 |
| CVE-2025-39375 | WordPress Easy Child Theme Creator plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability — Easy Child Theme Creator | 4.3 | Medium | 2025-05-19 |
| CVE-2025-39374 | WordPress Best Posts Summary plugin <= 1.0 - CSRF to Stored XSS vulnerability — Best Posts Summary | 7.1 | High | 2025-05-19 |
| CVE-2025-39371 | WordPress Author Box Plugin With Different Description plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerability — Author Box Plugin With Different Description | 4.3 | Medium | 2025-05-19 |
| CVE-2025-39351 | WordPress Grand Restaurant WordPress theme <= 7.0 - Cross Site Request Forgery (CSRF) vulnerability — Grand Restaurant | 4.3 | Medium | 2025-05-19 |
| CVE-2025-47583 | WordPress Salon booking system plugin <= 10.16 - CSRF to Arbitrary Content Deletion vulnerability — Salon booking system | 5.4 | Medium | 2025-05-19 |
| CVE-2025-48344 | WordPress Rootspersona plugin <= 3.7.5 - Cross Site Request Forgery (CSRF) Vulnerability — Rootspersona | 5.4 | Medium | 2025-05-19 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.