Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-23044 Cross-Site Request Forgery (CSRF) allows creating admin account with POST request — pwndoc 6.8 Medium2025-01-20
CVE-2024-12385 WP Abstracts <= 2.7.2 - Cross-Site Request Forgery to Reflected Cross-Site Scripting — WP Abstracts 6.1 Medium2025-01-18
CVE-2024-13317 ShipWorks Connector for Woocommerce <= 5.2.5 - Cross-Site Request Forgery to Service Password/Username Update — ShipWorks Connector for Woocommerce 4.3 Medium2025-01-18
CVE-2024-13432 Webcamconsult <= 1.5.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Webcamconsult 6.1 Medium2025-01-18
CVE-2024-26153 ETIC Telecom Remote Access Server (RAS) Cross-Site Request Forgery — Remote Access Server (RAS) 7.4 High2025-01-17
CVE-2025-23815 WordPress root Cookie plugin <= 1.6 - CSRF to Stored XSS vulnerability — root Cookie 7.1 High2025-01-16
CVE-2025-23793 WordPress Auto FTP plugin <= 1.0.1 - CSRF to Stored Cross-Site Scripting vulnerability — Auto FTP 7.1 High2025-01-16
CVE-2025-23922 WordPress iSpring Embedder plugin <= 1.0 - CSRF to Arbitrary File Upload vulnerability — iSpring Embedder 10.0 Critical2025-01-16
CVE-2025-23901 WordPress GravatarLocalCache plugin <= 1.1.2 - CSRF to Stored XSS vulnerability — GravatarLocalCache 7.1 High2025-01-16
CVE-2025-23900 WordPress Genki Announcement plugin <= 1.4.1 - CSRF to Stored XSS vulnerability — Genki Announcement 7.1 High2025-01-16
CVE-2025-23902 WordPress Error Notification plugin <= 0.2.7 - CSRF to Stored XSS vulnerability — Error Notification 7.1 High2025-01-16
CVE-2025-23898 WordPress Apply with LinkedIn buttons plugin <= 2.3 - CSRF to Stored XSS vulnerability — Apply with LinkedIn buttons 7.1 High2025-01-16
CVE-2025-23884 WordPress Annie plugin <= 2.1.1 - CSRF to Stored XSS vulnerability — Annie 7.1 High2025-01-16
CVE-2025-23895 WordPress Add RSS plugin <= 1.5 - CSRF to Stored XSS vulnerability — Add RSS 7.1 High2025-01-16
CVE-2025-23875 WordPress Better Protected Pages plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability — Better Protected Pages 7.1 High2025-01-16
CVE-2025-23880 WordPress amr personalise plugin <= 2.10 - CSRF to Stored XSS vulnerability — amr personalise 7.1 High2025-01-16
CVE-2025-23872 WordPress PayForm plugin <= 2.0 - CSRF to Stored XSS vulnerability — PayForm 7.1 High2025-01-16
CVE-2025-23871 WordPress LSD Google Maps Embedder plugin <= 1.1 - CSRF to Stored XSS vulnerability — LSD Google Maps Embedder 7.1 High2025-01-16
CVE-2025-23870 WordPress Copyright Safeguard Footer Notice plugin <= 3.0 - CSRF to Stored Cross Site Request Forgery (CSRF) vulnerability — Copyright Safeguard Footer Notice 7.1 High2025-01-16
CVE-2025-23869 WordPress CJ Custom Content plugin <= 2.0 - CSRF to Cross-Site Scripting vulnerability — CJ Custom Content 7.1 High2025-01-16
CVE-2025-23861 WordPress Debt Calculator plugin <= 1.0.1 - CSRF to Stored XSS vulnerability — Debt Calculator 7.1 High2025-01-16
CVE-2025-23842 WordPress WordPress Gallery Plugin plugin <= 1.4 - CSRF to Stored XSS vulnerability — WordPress Gallery Plugin 7.1 High2025-01-16
CVE-2025-23848 WordPress Hotspots Analytics plugin <= 4.0.12 - CSRF to Stored XSS vulnerability — Hotspots Analytics 7.1 High2025-01-16
CVE-2025-23844 WordPress Custom Widget Classes plugin <= 1.1 - CSRF to Stored XSS vulnerability — Custom Widget Classes 7.1 High2025-01-16
CVE-2025-23823 WordPress CNZZ&51LA for WordPress plugin <= 1.0.1 - CSRF to Stored XSS vulnerability — CNZZ&51LA for WordPress 7.1 High2025-01-16
CVE-2025-23832 WordPress Admin Cleanup plugin <= 1.0.2 - CSRF to Stored XSS vulnerability — Admin Cleanup 7.1 High2025-01-16
CVE-2025-23821 WordPress WP Cookies Alert plugin <= 1.1.1 - CSRF to Stored XSS vulnerability — WP Cookies Alert 7.1 High2025-01-16
CVE-2025-23820 WordPress Content Security Policy Pro plugin <= 1.3.5 - CSRF to Stored XSS vulnerability — Content Security Policy Pro 7.1 High2025-01-16
CVE-2025-23818 WordPress More Link Modifier plugin <= 1.0.3 - CSRF to Cross-Site Scripting vulnerability — More Link Modifier 7.1 High2025-01-16
CVE-2025-23822 WordPress Category Custom Fields plugin <= 1.0 - CSRF to Stored XSS vulnerability — Category Custom Fields 7.1 High2025-01-16

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.