Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-32617 WordPress Multiple Location Google Map plugin <= 1.1 - CSRF to Stored XSS vulnerability — Multiple Location Google Map 7.1 High2025-04-09
CVE-2025-32619 WordPress KeyCAPTCHA plugin <= 2.5.1 - CSRF to Stored XSS vulnerability — KeyCAPTCHA 7.1 High2025-04-09
CVE-2025-32621 WordPress WP Map Route Planner plugin <= 1.0.0 - CSRF to Stored XSS vulnerability — WP Map Route Planner 7.1 High2025-04-09
CVE-2025-32623 WordPress PlainInventory plugin <= 3.1.9 - CSRF to Stored XSS vulnerability — PlainInventory 7.1 High2025-04-09
CVE-2025-32641 WordPress Anant Addons for Elementor plugin <= 1.1.8 - CSRF to Arbitrary Plugin Installation vulnerability — Anant Addons for Elementor 9.6 Critical2025-04-09
CVE-2025-32642 WordPress Vite Coupon plugin <= 1.0.9 - CSRF to Remote Code Execution (RCE) vulnerability — Vite Coupon 9.6 Critical2025-04-09
CVE-2025-32644 WordPress IP2Location World Clock Plugin <= 1.1.9 - CSRF to Stored XSS vulnerability — IP2Location World Clock 7.1 High2025-04-09
CVE-2025-32645 WordPress Custom Posts Order Plugin <= 4.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Custom Posts Order 7.1 High2025-04-09
CVE-2025-32661 WordPress Interactive US Map plugin <= 2.7 - CSRF to Stored XSS vulnerability — Interactive US Map 7.1 High2025-04-09
CVE-2025-32659 WordPress FraudLabs Pro for WooCommerce plugin <= 2.22.8 - CSRF to Stored XSS vulnerability — FraudLabs Pro for WooCommerce 7.1 High2025-04-09
CVE-2025-32664 WordPress Nepali Date Utilities plugin <= 1.0.15 - CSRF to Stored XSS vulnerability — Nepali Date Utilities 7.1 High2025-04-09
CVE-2025-32667 WordPress Doppler Forms plugin <= 2.5.1 - CSRF to Stored XSS vulnerability — Doppler Forms 7.1 High2025-04-09
CVE-2025-32669 WordPress Mergado Pack plugin <= 4.2.1 - Cross Site Request Forgery (CSRF) vulnerability — Mergado Pack 7.1 High2025-04-09
CVE-2025-32673 WordPress Epeken All Kurir plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) vulnerability — Epeken All Kurir 7.1 High2025-04-09
CVE-2025-32678 WordPress WP Show Stats plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability — WP Show Stats 4.3 Medium2025-04-09
CVE-2025-32679 WordPress User Registration Using Contact Form 7 plugin <= 2.4 - Cross Site Request Forgery (CSRF) vulnerability — User Registration Using Contact Form 7 5.4 Medium2025-04-09
CVE-2025-25056 Inaba Denki Sangyo Wi-Fi AP UNIT 跨站请求伪造漏洞 — AC-WPS-11ac 4.3 Medium2025-04-09
CVE-2025-27189 Adobe Commerce | Cross-Site Request Forgery (CSRF) (CWE-352) — Adobe Commerce 4.3 Medium2025-04-08
CVE-2025-27442 Zoom Workplace Apps - Cross Site Scripting — Zoom Workplace Apps 4.6 Medium2025-04-08
CVE-2025-27441 Zoom Workplace Apps - Cross Site Scripting — Zoom Workplace Apps 4.6 Medium2025-04-08
CVE-2024-41795 Siemens SENTRON 7KT PAC1260 Data Manager 跨站请求伪造漏洞 — SENTRON 7KT PAC1260 Data Manager 6.5 Medium2025-04-08
CVE-2025-3064 WPFront User Role Editor <= 4.2.1 - Cross-Site Request Forgery to Privilege Escalation via whitelist_options Function — WPFront User Role Editor 8.8 High2025-04-08
CVE-2024-11071 Improper Access Control In DestinyECM — DestinyECM 8.8 High2025-04-07
CVE-2025-0810 Read More & Accordion <= 3.4.7 - Cross-Site Request Forgery to Local File Inclusion — Read More & Accordion 7.5 High2025-04-05
CVE-2025-3257 xujiangfei admintwo updateSet cross-site request forgery — admintwo 4.3 Medium2025-04-04
CVE-2025-32250 WordPress Rollbar plugin <= 2.7.1 - Cross Site Request Forgery (CSRF) vulnerability — Rollbar 5.4 Medium2025-04-04
CVE-2025-32280 WordPress WP Project Manager plugin < 2.6.25 - Cross Site Request Forgery (CSRF) Vulnerability — WP Project Manager 4.3 Medium2025-04-04
CVE-2025-32278 WordPress Table Block by RioVizual plugin <= 2.3.1 - Cross Site Request Forgery (CSRF) vulnerability — Table Block by RioVizual 4.3 Medium2025-04-04
CVE-2025-32276 WordPress Administrator Z plugin <= 2026.04.05 - Cross Site Request Forgery (CSRF) vulnerability — Administrator Z 4.3 Medium2025-04-04
CVE-2025-32274 WordPress w3all phpBB integration Plugin <= 2.9.8 - Cross Site Request Forgery (CSRF) vulnerability — WP w3all phpBB 4.3 Medium2025-04-04

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.