Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-22582 WordPress Uptime Robot plugin <= 0.1.3 - CSRF to Stored XSS vulnerability — Uptime Robot 7.1 High2025-01-07
CVE-2025-22589 WordPress Quote Tweet plugin <= 0.7 - CSRF to Stored XSS vulnerability — Quote Tweet 7.1 High2025-01-07
CVE-2025-22590 WordPress Prayer Times Anywhere plugin <= 2.0.1 - CSRF to Stored XSS vulnerability — Prayer Times Anywhere 7.1 High2025-01-07
CVE-2024-49294 WordPress WpBusTicketly plugin <= 5.4.3 - Cross Site Request Forgery (CSRF) vulnerability — Bus Ticket Booking with Seat Reservation 4.3 Medium2025-01-07
CVE-2025-22297 WordPress AI WP Writer plugin <= 3.8.4.4 - Cross Site Request Forgery (CSRF) vulnerability — AI WP Writer 4.3 Medium2025-01-07
CVE-2025-22300 WordPress PixelYourSite plugin <= 10.0.1.2 - Cross Site Request Forgery (CSRF) vulnerability — PixelYourSite – Your smart PIXEL (TAG) Manager 5.4 Medium2025-01-07
CVE-2025-22301 WordPress MyBookTable Bookstore by Stormhill Media plugin <= 3.5.3 - Cross Site Request Forgery (CSRF) vulnerability — MyBookTable Bookstore 5.4 Medium2025-01-07
CVE-2025-22325 WordPress Autocompleter plugin <= 1.3.5.2 - CSRF to Stored XSS vulnerability — Autocompleter 7.1 High2025-01-07
CVE-2025-22328 WordPress Elevio plugin <= 4.4.1 - CSRF to Stored XSS vulnerability — Elevio 7.1 High2025-01-07
CVE-2025-22336 WordPress Wizhi Multi Filters by Wenprise plugin <= 1.8.6 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Wizhi Multi Filters by Wenprise 7.1 High2025-01-07
CVE-2025-22342 WordPress WP Simple Sitemap plugin <= 0.2 - CSRF to Stored XSS vulnerability — WP Simple Sitemap 7.1 High2025-01-07
CVE-2025-22343 WordPress wpSOL plugin <= 1.2.0 - CSRF to Stored XSS vulnerability — wpSOL 7.1 High2025-01-07
CVE-2025-22347 WordPress BSK Forms Blacklist plugin <= 3.9 - CSRF to SQL Injection vulnerability — BSK Forms Blacklist 8.2 High2025-01-07
CVE-2024-12383 Binary MLM Woocommerce <= 2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Binary MLM For WooCommerce 6.1 Medium2025-01-07
CVE-2024-12322 ThePerfectWedding.nl Widget <= 2.8 - Cross-Site Request Forgery to Stored Cross-Site Scripting — ThePerfectWedding.nl Widget 8.8 High2025-01-07
CVE-2024-12291 ViewMedica 9 <= 1.4.17 - Cross-Site Request Forgery to Reflected Cross-Site Scripting — ViewMedica 9 6.1 Medium2025-01-07
CVE-2024-12170 ViewMedica Embed <= 1.4.15 - Cross-Site Request Forgery to SQL Injection — ViewMedica 9 5.4 Medium2025-01-07
CVE-2024-12288 Simple add pages or posts <= 2.0.0 - Cross-Site Request Forgery to Reflected Cross-Site Scripting — Simple add pages or posts 6.1 Medium2025-01-07
CVE-2024-12541 Chative Live chat and Chatbot <= 1.1 - Cross-Site Request Forgery via add_chative_widget_action Function — Chative Live chat and Chatbot 5.4 Medium2025-01-07
CVE-2024-12557 Transporters.io <= 2.1.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Transporters.io 6.1 Medium2025-01-07
CVE-2024-55076 Grocy 安全漏洞 — Grocy 8.1 High2025-01-06
CVE-2024-12279 WP Social AutoConnect <= 4.6.2 - Cross-Site Request Forgery to Reflected Cross-Site Scripting — WP Social AutoConnect 6.1 Medium2025-01-04
CVE-2024-12545 Scratch & Win – Giveaways and Contests <= 2.7.1 - Cross-Site Request Forgery via reset_installation Function — Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more 5.4 Medium2025-01-04
CVE-2024-37237 WordPress FS Poster plugin <= 6.5.8 - Cross Site Request Forgery (CSRF) vulnerability — FS Poster 4.3 Medium2025-01-02
CVE-2024-37241 WordPress WP Job Manager Resume Manager plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) vulnerability — WP Job Manager - Resume Manager 4.3 Medium2025-01-02
CVE-2024-37438 WordPress Uncanny Toolkit Pro for LearnDash plugin < 4.1.4.1 - Cross Site Request Forgery (CSRF) vulnerability — Uncanny Toolkit Pro for LearnDash 5.4 Medium2025-01-02
CVE-2024-37452 WordPress Schema Lite theme <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability — Schema Lite 4.3 Medium2025-01-02
CVE-2024-37925 WordPress BuddyBoss Theme theme <= 2.4.61 - Cross Site Request Forgery (CSRF) vulnerability — BuddyBoss Theme 5.4 Medium2025-01-02
CVE-2024-37931 WordPress Point theme <= 1.1 - Cross Site Request Forgery (CSRF) vulnerability — Point 4.3 Medium2025-01-02
CVE-2024-38731 WordPress i-amaze theme <= 1.3.7 - Cross Site Request Forgery (CSRF) vulnerability — i-amaze 4.3 Medium2025-01-02

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.