CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-21193 | Active Directory Federation Server Spoofing Vulnerability — Windows Server 2016 | 6.5 | Medium | 2025-01-14 |
| CVE-2025-23081 | Various security vulnerabilities in Extension:DataTransfer — Mediawiki - DataTransfer Extension | 9.6 | - | 2025-01-14 |
| CVE-2024-47100 | Siemens SIMATIC S7-1200 Cross-Site Request Forgery Vulnerability — SIMATIC S7-1200 CPU 1211C AC/DC/Rly | 7.1 | High | 2025-01-14 |
| CVE-2025-0393 | Royal Elementor Addons and Templates <= 1.7.1006 - Cross-Site Request Forgery to Reflected Cross-Site Scripting — Royal Addons for Elementor – Addons and Templates Kit for Elementor | 6.1 | Medium | 2025-01-14 |
| CVE-2025-22963 | Teedy Security Vulnerability — Teedy | 7.5 | High | 2025-01-13 |
| CVE-2024-6662 | CSRF in MegaBIP — MegaBIP | 8.8 | - | 2025-01-10 |
| CVE-2025-23113 | REDCap Security Vulnerability — REDCap | 3.4 | Low | 2025-01-10 |
| CVE-2024-13304 | Minify JS - Moderately critical - Cross site request forgery - SA-CONTRIB-2024-070 — Minify JS | 8.8 | - | 2025-01-09 |
| CVE-2024-13293 | POST File - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-059 — POST File | 8.8 | - | 2025-01-09 |
| CVE-2024-13284 | Gutenberg - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-048 — Gutenberg | 8.8 | - | 2025-01-09 |
| CVE-2024-13261 | Acquia DAM - Moderately critical - Cross Site Request Forgery, Denial of Service - SA-CONTRIB-2024-025 — Acquia DAM | 8.8 | - | 2025-01-09 |
| CVE-2024-13260 | Migrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024 — Migrate queue importer | 8.8 | - | 2025-01-09 |
| CVE-2024-13250 | Drupal Symfony Mailer Lite - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-014 — Drupal Symfony Mailer Lite | 8.8 | - | 2025-01-09 |
| CVE-2024-13244 | Migrate Tools - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-008 — Migrate Tools | 8.8 | - | 2025-01-09 |
| CVE-2025-22814 | WordPress Zephyr Admin Theme Plugin <= 1.4.1 - CSRF to Stored XSS vulnerability — Zephyr Admin Theme | 7.1 | High | 2025-01-09 |
| CVE-2024-12218 | Woocommerce check pincode/zipcode for shipping <= 2.0.4 - Cross-Site Request Forgery to Reflected Cross-Site Scripting — Woocommerce check pincode/zipcode for shipping | 6.1 | Medium | 2025-01-09 |
| CVE-2024-12605 | AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) <= 2.5 - Cross-Site Request Forgery to Settings Update — Opace AI Scribe: SEO Content Creator & Humaizer for OpenAI & Anthropic | 4.3 | Medium | 2025-01-09 |
| CVE-2024-12206 | Wordpress Header Builder Plugin <= 1.3.8 - Cross-Site Request Forgery to Header Deletion — Pearl – Header Builder | 4.3 | Medium | 2025-01-09 |
| CVE-2024-13203 | kurniaramadhan E-Commerce-PHP cross-site request forgery — E-Commerce-PHP | 4.3 | Medium | 2025-01-09 |
| CVE-2025-22503 | WordPress Admin debug wordpress – enable debug Plugin <= 1.0.13 - Cross Site Request Forgery vulnerability — Admin debug wordpress – enable debug | 4.3 | Medium | 2025-01-07 |
| CVE-2025-22520 | WordPress Tock Widget Plugin <= 1.1 - CSRF to Stored XSS vulnerability — Tock Widget | 7.1 | High | 2025-01-07 |
| CVE-2025-22538 | WordPress Virtual Bot Plugin <= 1.0.0 - CSRF Cross Site Scripting (XSS) vulnerability — Virtual Bot | 7.1 | High | 2025-01-07 |
| CVE-2025-22552 | WordPress Affiliate Disclosure Statement plugin <= 0.3 - CSRF to Stored XSS vulnerability — Affiliate Disclosure Statement | 7.1 | High | 2025-01-07 |
| CVE-2025-22555 | WordPress Smoothness Slider Shortcode plugin <= v1.2.2 - CSRF to Stored XSS vulnerability — Smoothness Slider Shortcode | 7.1 | High | 2025-01-07 |
| CVE-2025-22557 | WordPress News Publisher Autopilot plugin <= 2.1.4 - CSRF to Stored XSS vulnerability — News Publisher Autopilot | 7.1 | High | 2025-01-07 |
| CVE-2025-22556 | WordPress Norse Rune Oracle plugin <= 1.4.2 - CSRF to Stored XSS vulnerability — Norse Rune Oracle Plugin | 7.1 | High | 2025-01-07 |
| CVE-2025-22559 | WordPress TubePress.NET Plugin <= 4.0.1 - CSRF to Stored XSS vulnerability — TubePress.NET | 7.1 | High | 2025-01-07 |
| CVE-2025-22562 | WordPress Title Experiments Free plugin <= 9.0.4 - Cross Site Request Forgery (CSRF) vulnerability — Title Experiments Free | 4.3 | Medium | 2025-01-07 |
| CVE-2025-22563 | WordPress Pretty Urls Plugin <= 1.5.5 - Cross Site Request Forgery (CSRF) vulnerability — Pretty Url | 4.3 | Medium | 2025-01-07 |
| CVE-2025-22571 | WordPress Instabot plugin <= 1.10 - CSRF to Stored XSS vulnerability — Instabot | 7.1 | High | 2025-01-07 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.