CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-38739	IBM Sterling B2B Integrator cross-site request forgery — Sterling B2B Integrator	4.3	Medium	2025-01-31
CVE-2025-24749	WordPress EZPZ SAML SP Single Sign On (SSO) plugin <= 1.2.5 - CSRF to Stored XSS vulnerability — EZPZ SAML SP Single Sign On (SSO)	7.1	High	2025-01-31
CVE-2025-24549	WordPress Post Meta plugin <= 1.0.9 - Reflected Cross Site Scripting (XSS) vulnerability — Post Meta	7.1	High	2025-01-31
CVE-2025-23990	WordPress Scroll Styler plugin <= 1.1 - CSRF to Stored XSS vulnerability — Scroll Styler	7.1	High	2025-01-31
CVE-2025-23989	WordPress Internal Link Builder plugin <= 1.0 - CSRF to Stored XSS vulnerability — Internal Link Builder	7.1	High	2025-01-31
CVE-2025-23978	WordPress FlashCounter plugin <= 1.1.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — FlashCounter	7.1	High	2025-01-31
CVE-2025-23976	WordPress Issuu Panel plugin <= 2.1.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Issuu Panel	7.1	High	2025-01-31
CVE-2025-23980	WordPress Full Circle plugin <= 0.5.7.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Full Circle	7.1	High	2025-01-31
CVE-2025-23985	WordPress Dynamic URL SEO plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability — Dynamic URL SEO	5.4	Medium	2025-01-31
CVE-2025-23977	WordPress Post Carousel Slider plugin <= 2.0.1 - CSRF to Stored XSS vulnerability — Post Carousel Slider	7.1	High	2025-01-31
CVE-2024-1211	Cross-Site Request Forgery (CSRF) in GitLab — GitLab	6.4	Medium	2025-01-30
CVE-2024-13707	WP Image Uploader <= 1.0.1 - Cross-Site Request Forgery to Arbitrary File Deletion — WP Image Uploader	8.8	High	2025-01-30
CVE-2024-13720	WP Image Uploader <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion — WP Image Uploader	8.8	High	2025-01-30
CVE-2024-13512	Wonder FontAwesome <= 0.8 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Wonder FontAwesome	6.1	Medium	2025-01-30
CVE-2024-13758	CP Contact Form with PayPal <= 1.3.52 - Cross-Site Request Forgery — CP Contact Form with PayPal	6.5	Medium	2025-01-30
CVE-2024-13521	MailUp Auto Subscription <= 1.1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting — MailUp Auto Subscription	6.1	Medium	2025-01-28
CVE-2025-24742	WordPress WP Google Maps plugin <= 9.0.40 - Cross Site Request Forgery (CSRF) vulnerability — WP Go Maps	4.3	Medium	2025-01-27
CVE-2025-24538	WordPress BuddyPress Groups Extras plugin <= 3.6.10 - Cross Site Request Forgery (CSRF) vulnerability — BuddyPress Groups Extras	5.4	Medium	2025-01-27
CVE-2025-24540	WordPress Website Builder by SeedProd plugin <= 6.18.9 - Cross Site Request Forgery (CSRF) vulnerability — Coming Soon Page, Under Construction & Maintenance Mode by SeedProd	4.3	Medium	2025-01-27
CVE-2025-24537	WordPress The Events Calendar plugin <= 6.7.0 - Cross Site Request Forgery (CSRF) vulnerability — The Events Calendar	5.4	Medium	2025-01-27
CVE-2025-24533	WordPress MetaSlider plugin <= 3.92.0 - Cross Site Request Forgery (CSRF) vulnerability — Responsive Slider by MetaSlider	5.4	Medium	2025-01-27
CVE-2024-11641	VikBooking Hotel Booking Engine & PMS <= 1.7.2 - Cross-Site Request Forgery to Authenticated (Subscriber+) Arbitrary File Upload — VikBooking Hotel Booking Engine & PMS	8.8	High	2025-01-26
CVE-2024-13709	Linear <= 2.8.1 - Cross-Site Request Forgery to Cache Reset — Linear	4.3	Medium	2025-01-25
CVE-2025-24756	WordPress Roi Calculator plugin <= 1.0 - CSRF to Stored XSS vulnerability — Roi Calculator	7.1	High	2025-01-24
CVE-2025-24738	WordPress Call Now Button plugin <= 1.4.13 - Cross Site Request Forgery (CSRF) vulnerability — Call Now Button	4.3	Medium	2025-01-24
CVE-2025-24724	WordPress Side Menu Lite Plugin <= 5.3.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Side Menu Lite	5.4	Medium	2025-01-24
CVE-2025-24739	WordPress FluentSMTP plugin <= 2.2.80 - Cross Site Request Forgery (CSRF) vulnerability — FluentSMTP	4.3	Medium	2025-01-24
CVE-2025-24716	WordPress Herd Effects Plugin <= 6.2.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Herd Effects	5.4	Medium	2025-01-24
CVE-2025-24717	WordPress Modal Window Plugin <= 6.1.4 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Modal Window	5.4	Medium	2025-01-24
CVE-2025-24715	WordPress Counter Box Plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability — Counter Box	5.4	Medium	2025-01-24

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751