CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-23513 | WordPress Bible Embed plugin <= 0.0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Bible Embed | 7.1 | High | 2025-01-16 |
| CVE-2025-23501 | WordPress Cookie Consent & Autoblock for GDPR/CCPA plugin <= 1.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Cookie Consent & Autoblock for GDPR/CCPA | 7.1 | High | 2025-01-16 |
| CVE-2025-23508 | WordPress Extra Options – Favicons plugin <= 1.1.0 - CSRF to Stored XSS vulnerability — Extra Options – Favicons | 7.1 | High | 2025-01-16 |
| CVE-2025-23435 | WordPress Password Protect Plugin for WordPress plugin <= 0.8.1.0 - CSRF to Stored XSS vulnerability — Password Protect Plugin for WordPress | 7.1 | High | 2025-01-16 |
| CVE-2025-23497 | WordPress Simple Project Manager plugin <= 1.2.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Simple Project Manager | 7.1 | High | 2025-01-16 |
| CVE-2025-23471 | WordPress ECT Add to Cart Button plugin <= 1.4 - CSRF to Stored XSS vulnerability — ECT Add to Cart Button | 7.1 | High | 2025-01-16 |
| CVE-2025-23424 | WordPress Marquee Style RSS News Ticker plugin <= 3.2.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Marquee Style RSS News Ticker | 7.1 | High | 2025-01-16 |
| CVE-2025-23426 | WordPress go Social plugin <= 1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — go Social | 7.1 | High | 2025-01-16 |
| CVE-2025-23445 | WordPress Easy Tynt plugin <= 0.2.5.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Easy Tynt | 7.1 | High | 2025-01-16 |
| CVE-2025-23430 | WordPress Mass Custom Fields Manager plugin <= 1.5 - CSRF to Cross Site Scripting (XSS) vulnerability — Mass Custom Fields Manager | 7.1 | High | 2025-01-16 |
| CVE-2025-23455 | WordPress WP VTiger Synchronization plugin <= 1.1.1 - CSRF to Stored XSS vulnerability — WP VTiger Synchronization | 7.1 | High | 2025-01-16 |
| CVE-2025-23442 | WordPress Shockingly Big IE6 Warning plugin <= 1.6.3 - CSRF to Stored XSS vulnerability — Shockingly Big IE6 Warning | 7.1 | High | 2025-01-16 |
| CVE-2025-23436 | WordPress Wp-Scribd-List plugin <= 1.2 - CSRF to XSS vulnerability — Wp-Scribd-List | 7.1 | High | 2025-01-16 |
| CVE-2025-23456 | WordPress EmailShroud plugin <= 2.2.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability — EmailShroud | 7.1 | High | 2025-01-16 |
| CVE-2025-23476 | WordPress my-related-posts plugin <= 1.1 - CSRF to Stored XSS vulnerability — my-related-posts | 7.1 | High | 2025-01-16 |
| CVE-2025-23483 | WordPress Universal Analytics Injector plugin <= 1.0.3 - CSRF to Stored XSS vulnerability — Universal Analytics Injector | 7.1 | High | 2025-01-16 |
| CVE-2025-23463 | WordPress MD Custom content after or before of post plugin <= 1.0 - CSRF to Stored XSS vulnerability — MD Custom content after or before of post | 7.1 | High | 2025-01-16 |
| CVE-2025-23470 | WordPress Visit Site Link enhanced plugin <= 1.0 - CSRF to Stored XSS vulnerability — Visit Site Link enhanced | 7.1 | High | 2025-01-16 |
| CVE-2025-23467 | WordPress RSS News Scroller plugin <= 2.0.0 - CSRF to Stored XSS vulnerability — RSS News Scroller | 7.1 | High | 2025-01-16 |
| CVE-2024-10789 | WP User Profile Avatar <= 1.0.5 - Cross-Site Request Forgery to Settings Update — WP User Profile Avatar | 4.3 | Medium | 2025-01-16 |
| CVE-2025-22731 | WordPress Build Private Store For Woocommerce plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability — Build Private Store For Woocommerce | 4.3 | Medium | 2025-01-15 |
| CVE-2025-22784 | WordPress Background Control plugin <= 1.0.5 - CSRF to Arbitrary File Deletion vulnerability — Background Control | 8.6 | High | 2025-01-15 |
| CVE-2024-55893 | TYPO3 Cross-Site Request Forgery in Log Module — typo3 | 4.3 | Medium | 2025-01-14 |
| CVE-2024-55894 | TYPO3 Cross-Site Request Forgery in Backend User Module — typo3 | 4.3 | Medium | 2025-01-14 |
| CVE-2024-55920 | Cross-Site Request Forgery in Dashboard Module in TYPO3 — typo3 | 4.3 | Medium | 2025-01-14 |
| CVE-2024-55921 | Cross-Site Request Forgery in Extension Manager Module in TYPO3 — typo3 | 7.5 | High | 2025-01-14 |
| CVE-2024-55922 | Cross-Site Request Forgery in Form Framework Module in TYPO3 — typo3 | 5.4 | Medium | 2025-01-14 |
| CVE-2024-55923 | Cross-Site Request Forgery in Indexed Search Module in TYPO3 — typo3 | 4.3 | Medium | 2025-01-14 |
| CVE-2024-55924 | Cross-Site Request Forgery in Scheduler Module in TYPO3 — typo3 | 8.0 | High | 2025-01-14 |
| CVE-2024-55945 | Cross-Site Request Forgery in DB Check Module in TYPO3 — typo3 | 4.3 | Medium | 2025-01-14 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.