Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-46249 WordPress Simple calendar for Elementor plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) Vulnerability — Simple calendar for Elementor 4.3 Medium2025-04-22
CVE-2025-46245 WordPress CM Ad Changer plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) Vulnerability — CM Ad Changer 4.3 Medium2025-04-22
CVE-2025-46246 WordPress CM Answers plugin <= 3.3.3 - Cross Site Request Forgery (CSRF) Vulnerability — CM Answers 4.3 Medium2025-04-22
CVE-2025-46243 WordPress Recover abandoned cart for WooCommerce plugin <= 2.2 - Cross Site Request Forgery (CSRF) Vulnerability — Recover abandoned cart for WooCommerce 4.3 Medium2025-04-22
CVE-2025-46241 WordPress Appointment Booking Calendar plugin <= 1.3.92 - CSRF to SQL Injection vulnerability — Appointment Booking Calendar 8.2 High2025-04-22
CVE-2025-46231 WordPress affiliate-toolkit plugin <= 3.7.3 - Cross Site Request Forgery (CSRF) Vulnerability — affiliate-toolkit 5.4 Medium2025-04-22
CVE-2025-3843 panhainan DS-Java cross-site request forgery — DS-Java 4.3 Medium2025-04-21
CVE-2025-3808 zhenfeng13 My-BBS cross-site request forgery — My-BBS 4.3 Medium2025-04-19
CVE-2025-2111 WP Headers And Footers <= 3.1.1 - Cross-Site Request Forgery to Arbitrary Options Update — Insert Headers And Footers 7.5 High2025-04-19
CVE-2025-3284 User Registration & Membership PRO – Custom Registration Form, Login Form, and User Profile <= 5.1.3 - Cross-Site Request Forgery to User Deletion — User Registration PRO – Custom Registration Form, Login Form, and User Profile WordPress Plugin 4.3 Medium2025-04-19
CVE-2025-32546 WordPress All push notification for WP Plugin <= 1.5.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability — All push notification for WP 7.1 High2025-04-17
CVE-2025-32545 WordPress WooCommerce Products without featured images Plugin <= 0.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability — WooCommerce Products without featured images 6.1AIMediumAI2025-04-17
CVE-2025-32606 WordPress Listings for Buildium plugin <= 0.1.5 - Cross Site Request Forgery (CSRF) vulnerability — Listings for Buildium 7.1 High2025-04-17
CVE-2025-32655 WordPress Restrict User Registration plugin <= 1.0.1 - CSRF to Stored XSS vulnerability — Restrict User Registration 7.1 High2025-04-17
CVE-2025-39414 WordPress spam-stopper plugin <= 3.1.3 - CSRF to Stored XSS vulnerability — spam-stopper 7.1 High2025-04-17
CVE-2025-39415 WordPress Social Media Links plugin <= 1.0.3 - CSRF to Stored XSS vulnerability — Social Media Links 7.1 High2025-04-17
CVE-2025-39416 WordPress translit it! plugin <= 1.6 - CSRF to Stored XSS vulnerability — translit it! 7.1 High2025-04-17
CVE-2025-39417 WordPress Redirect wordpress to welcome or landing page plugin <= 2.0 - CSRF to Stored XSS vulnerability — Redirect wordpress to welcome or landing page 7.1 High2025-04-17
CVE-2025-39418 WordPress RSS Manager plugin <= 0.06 - CSRF to Stored XSS vulnerability — RSS Manager 7.1 High2025-04-17
CVE-2025-39419 WordPress Revision Diet plugin <= 1.0.1 - CSRF to Stored XSS vulnerability — Revision Diet 7.1 High2025-04-17
CVE-2025-39421 WordPress WP Sticky Side Buttons plugin <= 2.1 - Cross Site Request Forgery (CSRF) vulnerability — WP Sticky Side Buttons 7.1 High2025-04-17
CVE-2025-39422 WordPress WP Social Bookmarking plugin <= 3.6 - Cross Site Request Forgery (CSRF) vulnerability — WP Social Bookmarking 7.1 High2025-04-17
CVE-2025-39423 WordPress Add to Header plugin <= 1.0 - CSRF to XSS vulnerability — Add to Header 7.1 High2025-04-17
CVE-2025-39424 WordPress Simple Maps plugin <= 0.98 - CSRF to XSS vulnerability — Simple Maps 7.1 High2025-04-17
CVE-2025-39426 WordPress illow – Cookies Consent plugin <= 0.2.0 - Cross Site Request Forgery (CSRF) vulnerability — illow – Cookies Consent 4.3 Medium2025-04-17
CVE-2025-39425 WordPress Style Manager plugin <= 2.2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Style Manager 4.3 Medium2025-04-17
CVE-2025-39430 WordPress mLanguage plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerability — mLanguage 7.1 High2025-04-17
CVE-2025-39431 WordPress Amazon Showcase WordPress Plugin plugin <= 2.2 - CSRF to XSS vulnerability — Amazon Showcase WordPress Plugin 7.1 High2025-04-17
CVE-2025-39433 WordPress Bknewsticker plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) vulnerability — Bknewsticker 7.1 High2025-04-17
CVE-2025-39435 WordPress My Marginalia plugin <= 1.0.6 - CSRF to Stored XSS vulnerability — My Marginalia 7.1 High2025-04-17

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.