CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-31859	WordPress Feedbucket – Website Feedback Tool Plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) vulnerability — Feedbucket – Website Feedback Tool	5.4	Medium	2025-04-01
CVE-2025-31852	WordPress Bulk Product Sync plugin <= 8.6 - Cross Site Request Forgery (CSRF) vulnerability — Bulk Product Sync	4.3	Medium	2025-04-01
CVE-2025-31845	WordPress Theme Duplicator Plugin <= 1.1 - Cross Site Request Forgery (CSRF) vulnerability — Theme Duplicator	4.3	Medium	2025-04-01
CVE-2025-31840	WordPress Simple Fixed Notice Plugin <= 1.6 - Cross Site Request Forgery (CSRF) vulnerability — Simple Fixed Notice	4.3	Medium	2025-04-01
CVE-2025-31839	WordPress Footer Contacts Bar plugin <= 1.8 - Cross Site Request Forgery (CSRF) vulnerability — DN Footer Contacts	4.3	Medium	2025-04-01
CVE-2025-31828	WordPress Easy!Appointments plugin <= 1.4.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Easy!Appointments	4.3	Medium	2025-04-01
CVE-2025-31814	WordPress OwnerRez Plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability — OwnerRez API	4.3	Medium	2025-04-01
CVE-2025-31809	WordPress Labinator Content Types Duplicator Plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerability — Labinator Content Types Duplicator	4.3	Medium	2025-04-01
CVE-2025-31808	WordPress SCSS WP Editor plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability — SCSS WP Editor	4.3	Medium	2025-04-01
CVE-2025-31807	WordPress Product Notices for WooCommerce plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) vulnerability — Product Notices for WooCommerce	4.3	Medium	2025-04-01
CVE-2025-31785	WordPress Clearbit Reveal plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) vulnerability — Clearbit Reveal	5.4	Medium	2025-04-01
CVE-2025-31784	WordPress Embed Extended – Embed Maps, Videos, Websites, Source Codes, and more Plugin <= 1.4.0 - Cross Site Request Forgery (CSRF) vulnerability — Embed Extended	4.3	Medium	2025-04-01
CVE-2025-31779	WordPress Query Wrangler plugin <= 1.5.54 - Cross Site Request Forgery (CSRF) vulnerability — Query Wrangler	5.4	Medium	2025-04-01
CVE-2025-31776	WordPress Uptime Robot Plugin <= 2.3 - Cross Site Request Forgery (CSRF) vulnerability — Uptime Robot Plugin for WordPress	4.3	Medium	2025-04-01
CVE-2025-31775	WordPress Google SEO Pressor for Rich snippets Plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerability — Google SEO Pressor Snippet	4.3	Medium	2025-04-01
CVE-2025-31769	WordPress CLP – Custom Login Page by NiteoThemes plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability — CLP – Custom Login Page by NiteoThemes	4.3	Medium	2025-04-01
CVE-2025-31763	WordPress Cache control by Cacholong Plugin <= 5.4.1 - Cross Site Request Forgery (CSRF) vulnerability — Cache control by Cacholong	4.3	Medium	2025-04-01
CVE-2025-31756	WordPress TZ PlusGallery Plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability — TZ PlusGallery	4.3	Medium	2025-04-01
CVE-2025-31751	WordPress Breaking News WP Plugin <= 1.3 - CSRF to Settings Change vulnerability — Breaking News WP	6.5	Medium	2025-04-01
CVE-2025-3037	yzk2356911358 StudentServlet-JSP cross-site request forgery — StudentServlet-JSP	4.3	Medium	2025-03-31
CVE-2025-31690	Cache Utility - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-019 — Cache Utility	8.8	-	2025-03-31
CVE-2025-31689	General Data Protection Regulation - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-018 — General Data Protection Regulation	8.8	-	2025-03-31
CVE-2025-31688	Configuration Split - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-017 — Configuration Split	8.8	-	2025-03-31
CVE-2025-31684	OAuth2 Client - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-013 — OAuth2 Client	8.8	-	2025-03-31
CVE-2025-31683	Google Tag - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-012 — Google Tag	8.8	-	2025-03-31
CVE-2025-31680	Matomo Analytics - Moderately critical - Cross site request forgery - SA-CONTRIB-2025-008 — Matomo Analytics	8.8	-	2025-03-31
CVE-2025-31677	AI (Artificial Intelligence) - Critical - Cross Site Request Forgery - SA-CONTRIB-2025-003 — AI (Artificial Intelligence)	8.8	-	2025-03-31
CVE-2025-29929	Tuleap is missing CSRF protection on tracker hierarchy administration — tuleap	4.6	Medium	2025-03-31
CVE-2025-29766	Tuleap has missing CSRF protections on artifact submission & edition from the tracker view — tuleap	4.6	Medium	2025-03-31
CVE-2025-31623	WordPress Rich Text Editor plugin <= 1.0.1 - CSRF to Stored XSS vulnerability — Rich Text Editor	7.1	High	2025-03-31

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751