
CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-39437 | WordPress Anthologize plugin <= 0.8.3 - Cross Site Request Forgery (CSRF) vulnerability — Anthologize | 4.3 | Medium | 2025-04-17 |
| CVE-2025-39438 | WordPress Theme Changer plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability — Theme Changer | 4.3 | Medium | 2025-04-17 |
| CVE-2025-39440 | WordPress Broken Links Remover plugin <= 1.2.2 - CSRF to Stored XSS vulnerability — Broken Links Remover | 7.1 | High | 2025-04-17 |
| CVE-2025-39441 | WordPress Dashboard Notepads plugin <= 1.2.1 - CSRF to Stored XSS vulnerability — Dashboard Notepads | 7.1 | High | 2025-04-17 |
| CVE-2025-39442 | WordPress Review Wave – Google Places Reviews plugin <= 1.4.7 - Cross Site Request Forgery (CSRF) vulnerability — Review Wave – Google Places Reviews | 7.1 | High | 2025-04-17 |
| CVE-2025-39443 | WordPress Verge3D plugin <= 4.9.0 - Cross Site Request Forgery (CSRF) vulnerability — Verge3D | 4.3 | Medium | 2025-04-17 |
| CVE-2025-39453 | WordPress Advanced Dynamic Pricing for WooCommerce plugin <= 4.9.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Advanced Dynamic Pricing for WooCommerce | 4.3 | Medium | 2025-04-17 |
| CVE-2025-39455 | WordPress IP2Location Variables plugin <= 2.9.5 - CSRF to Cross Site Scripting (XSS) vulnerability — IP2Location Variables | 7.1 | High | 2025-04-17 |
| CVE-2025-39472 | WordPress WooCommerce Social Login plugin < 2.8.3 - Cross Site Request Forgery (CSRF) vulnerability — WooCommerce Social Login | 4.3 | Medium | 2025-04-16 |
| CVE-2025-39512 | WordPress Bulk Term Editor plugin <= 1.1.4 - Cross Site Request Forgery (CSRF) Vulnerability — Bulk Term Editor | 4.3 | Medium | 2025-04-16 |
| CVE-2025-39517 | WordPress Basic Interactive World Map plugin <= 2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Basic Interactive World Map | 4.3 | Medium | 2025-04-16 |
| CVE-2025-39530 | WordPress Site Search 360 plugin <= 2.1.8 - Cross Site Request Forgery (CSRF) to stored XSS vulnerability — Site Search 360 | 7.1 | High | 2025-04-16 |
| CVE-2025-39544 | WordPress WP Tools plugin <= 5.18 - CSRF to Arbitrary File Deletion vulnerability — WP Tools | 7.4 | High | 2025-04-16 |
| CVE-2025-39546 | WordPress ElementsReady Addons for Elementor plugin <= 6.6.2 - Cross Site Request Forgery (CSRF) Vulnerability — ElementsReady Addons for Elementor | 4.3 | Medium | 2025-04-16 |
| CVE-2025-39547 | WordPress Internal Link Optimiser plugin <= 5.1.3 - CSRF to XSS vulnerability — Internal Link Optimiser | 7.1 | High | 2025-04-16 |
| CVE-2025-39548 | WordPress Right Click Disable OR Ban plugin <= 1.1.17 - CSRF to Stored XSS vulnerability — Right Click Disable OR Ban | 7.1 | High | 2025-04-16 |
| CVE-2025-39563 | WordPress Conditional Payments for WooCommerce plugin <= 3.3.0 - Cross Site Request Forgery (CSRF) Vulnerability — Conditional Payments for WooCommerce | 6.5 | Medium | 2025-04-16 |
| CVE-2025-39564 | WordPress Conditional Shipping for WooCommerce plugin <= 3.4.0 - Cross Site Request Forgery (CSRF) Vulnerability — Conditional Shipping for WooCommerce | 6.5 | Medium | 2025-04-16 |
| CVE-2025-39593 | WordPress Ever Accounting plugin <= 2.1.5 - Cross Site Request Forgery (CSRF) Vulnerability — Ever Accounting | 4.3 | Medium | 2025-04-16 |
| CVE-2025-39601 | WordPress Custom CSS, JS & PHP plugin <= 2.4.1 - CSRF to RCE vulnerability — Custom CSS, JS & PHP | 9.6 | Critical | 2025-04-16 |
| CVE-2025-39600 | WordPress Integration for WooCommerce and QuickBooks plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) Vulnerability — Integration for WooCommerce and QuickBooks | 4.3 | Medium | 2025-04-16 |
| CVE-2025-3687 | misstt123 oasys Sticky Notes cross-site request forgery — oasys | 4.3 | Medium | 2025-04-16 |
| CVE-2025-30967 | WordPress WPJobBoard plugin < 5.11.1 - CSRF to Remote Code Execution (RCE) vulnerability — WPJobBoard | 9.6 | Critical | 2025-04-15 |
| CVE-2025-26903 | WordPress InPost Gallery plugin <= 2.1.4.3 - Cross Site Request Forgery (CSRF) vulnerability — InPost Gallery | 4.3 | Medium | 2025-04-15 |
| CVE-2025-26748 | WordPress Arkhe theme <= 3.12.0 - CSRF to Local File Inclusion vulnerability — Arkhe | 8.1 | High | 2025-04-15 |
| CVE-2025-24358 | gorilla/csrf CSRF vulnerability due to broken Referer validation — csrf | 7.1 (AI) | High (AI) | 2025-04-15 |
| CVE-2025-30965 | WordPress WPJobBoard plugin < 5.11.1 - Multiple Cross Site Request Forgery (CSRF) vulnerabilities vulnerability — WPJobBoard | 4.3 | Medium | 2025-04-15 |
| CVE-2025-27009 | WordPress My auctions allegro plugin <= 3.6.33 - Cross Site Request Forgery (CSRF) vulnerability — My auctions allegro | 7.1 | High | 2025-04-14 |
| CVE-2025-3561 | ghostxbh uzy-ssm-mall cross-site request forgery — uzy-ssm-mall | 4.3 | Medium | 2025-04-14 |
| CVE-2025-3557 | ScriptAndTools eCommerce-website-in-PHP cross-site request forgery — eCommerce-website-in-PHP | 4.3 | Medium | 2025-04-14 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.