Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-51633 WordPress Simple Page Specific Sidebars plugin <= 2.14.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Simple Page Specific Sidebars 7.1 High2024-11-19
CVE-2024-51635 WordPress While Loading plugin <= 3.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — While Loading 7.1 High2024-11-19
CVE-2024-51636 WordPress Plugin Name: GMO Social Connection plugin <= 1.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — GMO Social Connection 7.1 High2024-11-19
CVE-2024-51638 WordPress Awesome Shortcodes For Genesis plugin 1.1.8 - Cross Site Scripting (XSS) vulnerability — Awesome Shortcodes For Genesis 7.1 High2024-11-19
CVE-2024-51637 WordPress Admin SMS Alert plugin <= 1.1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Admin SMS Alert 7.1 High2024-11-19
CVE-2024-51639 WordPress Naver Blog plugin <= 1.0 - CSRF to Stored XSS vulnerability — Naver Blog 7.1 High2024-11-19
CVE-2024-51640 WordPress MDR Webmaster Tools plugin <= 1.1 - CSRF to Stored XSS vulnerability — MDR Webmaster Tools 7.1 High2024-11-19
CVE-2024-51641 WordPress Advanced PDF Generator plugin <= 0.4.0 - CSRF to Stored XSS vulnerability — Advanced PDF Generator 7.1 High2024-11-19
CVE-2024-51643 WordPress Amazon Associate Filter plugin <= 0.4 - CSRF to Stored XSS vulnerability — Amazon Associate Filter 7.1 High2024-11-19
CVE-2024-51642 WordPress Seo Free plugin <= 1.4 - CSRF to Stored XSS vulnerability — Seo Free 7.1 High2024-11-19
CVE-2024-51644 WordPress Addressbook plugin <= 1.1.3 - CSRF to Stored XSS vulnerability — Addressbook 7.1 High2024-11-19
CVE-2024-51645 WordPress ThemeFuse Maintenance Mode plugin <= 1.1.3 - CSRF to Stored XSS vulnerability — ThemeFuse Maintenance Mode 7.1 High2024-11-19
CVE-2024-51649 WordPress Mobilize plugin <= 3.0.7 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Mobilize 7.1 High2024-11-19
CVE-2024-51648 WordPress e-shops plugin 1.0.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability — e-shops 7.1 High2024-11-19
CVE-2024-51650 WordPress Random Featured Post plugin <= 1.1.3 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Random Featured Post 7.1 High2024-11-19
CVE-2024-51652 WordPress Skip To plugin <= 2.0.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Skip To 7.1 High2024-11-19
CVE-2024-51654 WordPress APK Downloader plugin <= 1.0.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — APK Downloader 7.1 High2024-11-19
CVE-2024-51653 WordPress UPDATE NOTIFICATIONS plugin <= 0.3.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — UPDATE NOTIFICATIONS 7.1 High2024-11-19
CVE-2024-51655 WordPress Custom Author URL plugin <= 2.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Custom Author URL 7.1 High2024-11-19
CVE-2024-51657 WordPress SmartLink Dynamic URLs plugin <= 1.1.0 - CSRF to Stored XSS vulnerability — SmartLink Dynamic URLs 7.1 High2024-11-19
CVE-2024-51656 WordPress Flash Show And Hide Box plugin <= 1.6 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Flash Show And Hide Box 7.1 High2024-11-19
CVE-2024-52421 WordPress WP Popup Window Maker plugin <= 2.0 - CSRF to Stored XSS vulnerability — WP Popup Window Maker 7.1 High2024-11-19
CVE-2024-52424 WordPress wp-login customizer plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability — wp-login customizer 7.1 High2024-11-18
CVE-2024-52415 WordPress SK WP Settings Backup plugin <= 1.0 - CSRF to PHP Object Injection vulnerability — SK WP Settings Backup 8.8 High2024-11-16
CVE-2024-6628 EleForms – All In One Form Integration including DB for Elementor <= 2.9.9.9 - Cross-Site Request Forgery — EleForms – All In One Form Integration including DB for Elementor 4.3 Medium2024-11-16
CVE-2024-11118 404 Error Monitor <= 1.1 - Cross-Site Request Forgery to Plugin Settings Update via updatePluginSettings Function — 404 Error Monitor 5.3 Medium2024-11-16
CVE-2022-20853 Cisco Expressway Series and Cisco TelePresence VCS Cross-Site Request Forgery Vulnerability — Cisco TelePresence Video Communication Server (VCS) Expressway 7.4 High2024-11-15
CVE-2023-0737 CSRF in wallabag/wallabag — wallabag/wallabag 6.5AIMediumAI2024-11-15
CVE-2024-51658 WordPress WP Course Manager plugin <= 1.3 - CSRF to Stored XSS vulnerability — WP Course Manager 7.1 High2024-11-14
CVE-2024-51659 WordPress Twitter @Anywhere Plus plugin <= 2.0 - CSRF to Stored XSS vulnerability — Twitter @Anywhere Plus 7.1 High2024-11-14

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.