CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-51679 | WordPress Appointmind plugin <= 4.0.0 - CSRF to Stored XSS vulnerability — Appointmind | 7.1 | High | 2024-11-14 |
| CVE-2024-51684 | WordPress W3P SEO plugin < 1.8.6 - CSRF to Stored XSS vulnerability — W3P SEO | 7.1 | High | 2024-11-14 |
| CVE-2024-51687 | WordPress Platform.ly Official plugin <= 1.1.3 - CSRF to Stored XSS vulnerability — Platform.ly Official | 7.1 | High | 2024-11-14 |
| CVE-2024-51688 | WordPress FraudLabs Pro SMS Verification plugin <= 1.10.1 - CSRF to Stored XSS vulnerability — FraudLabs Pro SMS Verification | 7.1 | High | 2024-11-14 |
| CVE-2024-47914 | VaeMendis - CWE-352: Cross-Site Request Forgery (CSRF) — VaeMendis Ubooquity version 2.1.2 | 4.5 | Medium | 2024-11-14 |
| CVE-2024-11143 | Kognetiks Chatbot for WordPress <= 2.1.8 - Cross-Site Request Forgery to Authenticated (Subscriber+) Assistant Modification — Kognetiks Chatbot for WordPress | 4.3 | Medium | 2024-11-13 |
| CVE-2024-10593 | WPForms – Easy Form Builder for WordPress <= 1.9.1.6 - Cross-Site Request Forgery (CSRF) to Plugin's Log Deletion — WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More | 4.3 | Medium | 2024-11-13 |
| CVE-2024-11125 | GetSimpleCMS profile.php cross-site request forgery — GetSimpleCMS | 4.3 | Medium | 2024-11-12 |
| CVE-2024-51484 | Insufficient Validation in Controllers (Activation/Deactivation) in Ampache — ampache | 6.5 AI | Medium AI | 2024-11-11 |
| CVE-2024-51485 | Insufficient Validation in Plugins (Activation/Deactivation) in Ampache — ampache | 6.5 AI | Medium AI | 2024-11-11 |
| CVE-2024-51487 | Insufficient Validation in Catalog (Activation/Deactivation) in Ampache — ampache | 6.5 AI | Medium AI | 2024-11-11 |
| CVE-2024-51488 | Insufficient Validation in Delete Message in Ampache — ampache | 8.1 AI | High AI | 2024-11-11 |
| CVE-2024-51489 | Insufficient Message Token Validation in Ampache — ampache | 8.1 AI | High AI | 2024-11-11 |
| CVE-2024-51630 | WordPress Responsive Flickr Gallery plugin <= 1.3.1 - CSRF to Stored XSS vulnerability — Responsive Flickr Gallery | 7.1 | High | 2024-11-09 |
| CVE-2024-51647 | WordPress Featured Posts Scroll plugin <= 1.25 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Featured Posts Scroll | 7.1 | High | 2024-11-09 |
| CVE-2024-52002 | Cross-Site Request Forgery (CSRF) in several iTop pages — iTop | 8.8 | - | 2024-11-08 |
| CVE-2024-10711 | WooCommerce Report <= 1.5.1 - Cross-Site Request Forgery to Arbitrary Options Update — REPORTiT – Advanced Reporting for WooCommerce | 8.8 | High | 2024-11-05 |
| CVE-2024-31998 | CSRF security issue on CSV import in Combodo iTop — iTop | 8.8 | High | 2024-11-04 |
| CVE-2024-47359 | WordPress Depicter plugin <= 3.2.2 - Broken Access Control vulnerability — Depicter Slider | 5.3 | Medium | 2024-11-01 |
| CVE-2024-10605 | code-projects Blood Bank Management System request.php cross-site request forgery — Blood Bank Management System | 4.3 | Medium | 2024-10-31 |
| CVE-2024-43930 | WordPress JobSearch WP Job Board WordPress Plugin plugin <= 2.5.3 - Broken Access Control vulnerability — JobSearch | 4.3 | Medium | 2024-10-31 |
| CVE-2024-43984 | WordPress Podlove Podcast Publisher plugin <= 4.1.13 - CSRF to Remote Code Execution (RCE) vulnerability — Podlove Podcast Publisher | 9.6 | Critical | 2024-10-31 |
| CVE-2024-49674 | WordPress EKC Tournament Manager plugin <= 2.2.1 - CSRF to Arbitrary File Upload vulnerability — EKC Tournament Manager | 9.6 | Critical | 2024-10-31 |
| CVE-2024-49685 | WordPress Custom Twitter Feeds plugin <= 2.2.3 - Cross Site Request Forgery (CSRF) vulnerability — Custom Twitter Feeds (Tweets Widget) | 5.4 | Medium | 2024-10-31 |
| CVE-2024-9434 | WPGlobus Translate Options <= 2.2.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting — WPGlobus Translate Options | 6.1 | Medium | 2024-10-31 |
| CVE-2024-10557 | code-projects Blood Bank Management System updateprofile.php cross-site request forgery — Blood Bank Management System | 4.3 | Medium | 2024-10-31 |
| CVE-2024-24777 | LevelOne WBR-6012 cross-site request forgery vulnerability — WBR-6012 | 8.8 | High | 2024-10-30 |
| CVE-2024-50466 | WordPress DarkMySite – Advanced Dark Mode Plugin for WordPress plugin <= 1.2.8 - Cross Site Request Forgery (CSRF) vulnerability — DarkMySite – Advanced Dark Mode Plugin for WordPress | 4.3 | Medium | 2024-10-29 |
| CVE-2024-9990 | Crypto <= 2.15 - Cross-Site Request Forgery to Authentication Bypass — Crypto Tool | 8.8 | High | 2024-10-29 |
| CVE-2024-6673 | CSRF Vulnerability in parisneo/lollms-webui — parisneo/lollms-webui | 8.1 AI | High AI | 2024-10-29 |

4753 CVEs are classified as CWE-352 (Cross-Site Request Forgery (CSRF)). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.