CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-56222 | WordPress CodeBard Help Desk plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerability — CodeBard Help Desk | 5.4 | Medium | 2024-12-31 |
| CVE-2024-56229 | WordPress SearchIQ plugin <= 4.6 - Cross-Site Request Forgery (CSRF) vulnerability — SearchIQ | 4.3 | Medium | 2024-12-31 |
| CVE-2024-56232 | WordPress WP Nice Loader plugin <= 0.1.0.4 - CSRF to Stored XSS vulnerability — WP Nice Loader | 7.1 | High | 2024-12-31 |
| CVE-2024-12955 | PHPGurukul Blood Bank & Donor Management System logout.php cross-site request forgery — Blood Bank & Donor Management System | 4.3 | Medium | 2024-12-26 |
| CVE-2024-12636 | Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages <= 3.2.7 - Cross-Site Request Forgery — Privacy Policy Generator – WPLP Legal Pages | 4.3 | Medium | 2024-12-25 |
| CVE-2024-12771 | eCommerce Product Catalog Plugin for WordPress <= 3.3.43 - Cross-Site Request Forgery to Password Reset — eCommerce Product Catalog Plugin for WordPress | 8.8 | High | 2024-12-21 |
| CVE-2024-11812 | Wtyczka SeoPilot dla WP <= 3.3.091 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Wtyczka SeoPilot dla WP | 6.1 | Medium | 2024-12-20 |
| CVE-2024-56140 | Bypass of CSRF Middleware in Astro — astro | 5.9 | Medium | 2024-12-18 |
| CVE-2024-12454 | Affiliate Program Suite — SliceWP Affiliates <= 1.1.23 - Cross-Site Request Forgery to Reflected Cross-Site Scripting — Affiliate Program Suite — SliceWP Affiliates | 6.1 | Medium | 2024-12-18 |
| CVE-2024-12554 | Peter’s Custom Anti-Spam <= 3.2.3 - Cross-Site Request Forgery via cas_register_post Function — Peter’s Custom Anti-Spam | 5.4 | Medium | 2024-12-18 |
| CVE-2024-12293 | User Role Editor <= 4.64.3 - Cross-Site Request Forgery to Privilege Escalation — User Role Editor | 8.8 | High | 2024-12-17 |
| CVE-2024-12220 | SMS for WooCommerce <= 2.8.1 - Cross-Site Request Forgery to Reflected Cross-Site Scripting — SMS for WooCommerce | 6.1 | Medium | 2024-12-17 |
| CVE-2024-12219 | Stop Registration Spam <= 1.23 - Cross-Site Request Forgery to Cross-Site Scripting — Stop Registration Spam | 6.1 | Medium | 2024-12-17 |
| CVE-2024-56017 | WordPress Stop Registration Spam Plugin <= 1.23 - CSRF to Stored XSS vulnerability — Stop Registration Spam | 7.1 | High | 2024-12-16 |
| CVE-2024-54357 | WordPress Avada theme <= 7.11.10 - Cross Site Request Forgery (CSRF) vulnerability — Avada | 4.3 | Medium | 2024-12-16 |
| CVE-2024-37251 | WordPress Advanced Custom Fields Pro plugin < 6.3.2 - Cross-Site Request Forgery (CSRF) vulnerability — Advanced Custom Fields PRO | 4.3 | Medium | 2024-12-16 |
| CVE-2024-56015 | WordPress Tidy Up Plugin <= 1.3 - CSRF to Reflected Cross-Site Scripting vulnerability — Tidy Up | 7.1 | High | 2024-12-16 |
| CVE-2024-54368 | WordPress GitSync plugin <= 1.1.0 - CSRF to Remote Code Execution vulnerability — GitSync | 9.6 | Critical | 2024-12-16 |
| CVE-2024-54331 | WordPress I Plant A Tree plugin <= 1.7.3 - CSRF to Stored Cross-Site Scripting vulnerability — I Plant A Tree | 7.1 | High | 2024-12-16 |
| CVE-2024-54352 | WordPress Sogrid plugin <= 1.5.2 - CSRF to Privilege Escalation vulnerability — Sogrid | 8.8 | High | 2024-12-16 |
| CVE-2024-54355 | WordPress WP Mailster plugin <= 1.8.17.0 - Cross Site Request Forgery (CSRF) vulnerability — WP Mailster | 4.3 | Medium | 2024-12-16 |
| CVE-2024-54356 | WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5 - Cross Site Request Forgery (CSRF) vulnerability — Online Booking & Scheduling Calendar for WordPress by vcita | 5.4 | Medium | 2024-12-16 |
| CVE-2024-54372 | WordPress Insertify plugin <= 1.1.4 - CSRF to Remote Code Execution vulnerability — Insertify | 9.6 | Critical | 2024-12-16 |
| CVE-2024-54418 | WordPress DTC Documents plugin <= 1.1.05 - Cross Site Request Forgery (CSRF) vulnerability — DTC Documents | 5.4 | Medium | 2024-12-16 |
| CVE-2024-54396 | WordPress Bet sport Free plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) vulnerability — Bet sport Free | 4.3 | Medium | 2024-12-16 |
| CVE-2024-56005 | WordPress Posti Shipping Plugin <= 3.10.3 - CSRF to Settings Change vulnerability — Posti Shipping | 6.5 | Medium | 2024-12-16 |
| CVE-2024-54419 | WordPress Ui Slider Filter By Price plugin <= 1.1 - Cross Site Request Forgery (CSRF) vulnerability — Ui Slider Filter By Price | 5.4 | Medium | 2024-12-16 |
| CVE-2024-54332 | WordPress WP Currency Exchange Rates plugin <= 1.2.0 - CSRF to Stored XSS vulnerability — WP Currency Exchange Rates | 7.1 | High | 2024-12-16 |
| CVE-2024-54353 | WordPress Hack-Info plugin <= 3.17 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Hack-Info | 7.1 | High | 2024-12-16 |
| CVE-2024-54386 | WordPress Push Monkey Pro plugin <= 3.9 - CSRF to Stored XSS vulnerability — Push Monkey Pro – Web Push Notifications and WooCommerce Abandoned Cart | 7.1 | High | 2024-12-16 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.