Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-26569 WordPress Post Thumbs Plugin <= 1.5 - CSRF to Stored XSS vulnerability — Post Thumbs 7.1 High2025-02-13
CVE-2025-26568 WordPress Easy Amazon Product Information plugin <= 4.0.1 - CSRF to Stored XSS vulnerability — Easy Amazon Product Information 7.1 High2025-02-13
CVE-2025-26562 WordPress RSS FIlter Plugin <= 1.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — RSS Filter 7.1 High2025-02-13
CVE-2025-26549 WordPress WP Html Page Sitemap plugin <= 2.2 - CSRF to Stored Cross-Site Scripting — WP Html Page Sitemap 7.1 High2025-02-13
CVE-2025-26550 WordPress Global Meta Keyword & Description plugin <= 2.3 - CSRF to Cross-Site Scripting vulnerability — Global Meta Keyword & Description 7.1 High2025-02-13
CVE-2025-26545 WordPress Related Posts Line-up-Exactly by Milliard plugin <= 0.0.22 - CSRF to Stored XSS vulnerability — Related Posts Line-up-Exactly by Milliard 7.1 High2025-02-13
CVE-2025-26547 WordPress My Login Logout Plugin plugin <= 2.4 - CSRF to Stored Cross-Site Scripting vulnerability — My Login Logout Plugin 7.1 High2025-02-13
CVE-2025-26543 WordPress Simple Responsive Menu plugin <= 2.1 - CSRF to Stored XSS vulnerability — Simple Responsive Menu 7.1 High2025-02-13
CVE-2024-12386 WP Abstracts <= 2.7.3 - Cross-Site Request Forgery to Arbitrary Account Deletion — WP Abstracts 8.1 High2025-02-12
CVE-2024-13437 Book a Room <= 2.9 - Cross-Site Request Forgery to Settings Update — Book a Room 4.3 Medium2025-02-12
CVE-2025-0808 Houzez Property Feed <= 2.4.21 - Cross-Site Request Forgery to Property Feed Export Deletion — Houzez Property Feed 4.3 Medium2025-02-12
CVE-2025-24900 Concorde CSRF vulnerability due to insecure configuration of authentication cookie attributes — concorde 8.6 High2025-02-11
CVE-2025-24897 Misskey CSRF vulnerability due to insecure configuration of authentication cookie attributes — misskey 8.2 High2025-02-11
CVE-2025-24875 SameSite Defense in Depth not applied for some cookies in SAP Commerce — SAP Commerce 6.8 Medium2025-02-11
CVE-2024-9661 WP All Import Pro <= 4.9.7 - Cross-Site Request Forgery to Imported Content Deletion — WP All Import Pro 4.3 Medium2025-02-07
CVE-2025-25168 WordPress BookPress – For Book Authors Plugin <= 1.2.7 - CSRF to Stored XSS vulnerability — BookPress – For Book Authors 7.1 High2025-02-07
CVE-2025-25166 WordPress InLocation plugin <= 1.8 - Cross Site Scripting (XSS) vulnerability — InLocation 7.1 High2025-02-07
CVE-2025-25154 WordPress Custom Comment Notifications plugin <= 1.0.8 - CSRF to Stored XSS vulnerability — Custom Comment Notifications 7.1 High2025-02-07
CVE-2025-25152 WordPress Smart DoFollow plugin <= 1.0.2 - CSRF to Stored XSS vulnerability — Smart DoFollow 7.1 High2025-02-07
CVE-2025-25160 WordPress Style Tweaker plugin <= 0.11 - CSRF to Stored XSS vulnerability — Style Tweaker 7.1 High2025-02-07
CVE-2025-25156 WordPress Quote Comments plugin <= 3.0.0 - CSRF to Stored XSS vulnerability — Quote Comments 7.1 High2025-02-07
CVE-2025-25153 WordPress Simple Auto Tag plugin <= 1.1 - CSRF to Stored XSS vulnerability — Simple Auto Tag 7.1 High2025-02-07
CVE-2025-25149 WordPress Login-box plugin <= 2.0.4 - CSRF to Stored XSS vulnerability — Login-box 7.1 High2025-02-07
CVE-2025-25147 WordPress Auto SEO plugin <= 2.5.6 - CSRF to Stored XSS vulnerability — Auto SEO 7.1 High2025-02-07
CVE-2025-25143 WordPress GlobalQuran Plugin <= 1.0 - CSRF to Settings Change vulnerability — GlobalQuran 4.3 Medium2025-02-07
CVE-2025-25138 WordPress On Page SEO + Social Live Chat (Formerly OPS) plugin <= 2.0.0 - CSRF to Stored XSS vulnerability — On Page SEO + Whatsapp Chat Button 7.1 High2025-02-07
CVE-2025-25135 WordPress Custom Links On Admin Dashboard Toolbar plugin <= 3.3 - CSRF to Stored XSS vulnerability — Custom Links On Admin Dashboard Toolbar 7.1 High2025-02-07
CVE-2025-25148 WordPress Read More Copy Link plugin <= 1.0.2 - CSRF to Stored XSS vulnerability — Read More Copy Link 7.1 High2025-02-07
CVE-2025-25139 WordPress WP Custom Post RSS Feed plugin <= 1.0.0 - CSRF to Stored XSS vulnerability — WP Custom Post RSS Feed 7.1 High2025-02-07
CVE-2025-25140 WordPress Simple User Profile plugin <= 1.9 - CSRF to Stored XSS vulnerability — Simple User Profile 7.1 High2025-02-07

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.