CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-31902	IBM InfoSphere Information Server cross-site request forgery — InfoSphere Information Server	4.3	Medium	2024-06-30
CVE-2024-6405	Floating Social Buttons <= 1.5 - Cross-Site Request Forgery — Floating Social Buttons	6.1	Medium	2024-06-29
CVE-2024-5712	CSRF Vulnerability in stitionai/devika — stitionai/devika	8.1^AI	High^AI	2024-06-28
CVE-2024-5935	CSRF Vulnerability in imartinez/privategpt — imartinez/privategpt	8.1^AI	High^AI	2024-06-27
CVE-2024-4839	CSRF in Servers Configurations in parisneo/lollms-webui — parisneo/lollms-webui	8.8^AI	High^AI	2024-06-24
CVE-2024-4499	CSRF Vulnerability in parisneo/lollms XTTS Server — parisneo/lollms	8.1^AI	High^AI	2024-06-24
CVE-2024-3593	UberMenu <= 3.8.3 - Cross-Site Request Forgery to Settings Reset — UberMenu	7.2	High	2024-06-22
CVE-2024-5596	ARMember Premium <= 6.7 - Cross-Site Request Forgery via multiple functions — ARMember Premium – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup	6.3	Medium	2024-06-22
CVE-2024-37198	WordPress Digital Newspaper theme <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability — Digital Newspaper	4.3	Medium	2024-06-21
CVE-2024-37212	WordPress AliExpress Dropshipping with AliNext Lite plugin <= 3.3.5 - CSRF to PHP Object Injection vulnerability — Ali2Woo Lite	8.3	High	2024-06-21
CVE-2024-37230	WordPress Book Landing Page theme <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerability — Book Landing Page	4.3	Medium	2024-06-21
CVE-2024-35770	WordPress Vimeography plugin <= 2.4.1 - Cross Site Request Forgery (CSRF) vulnerability — Vimeography: Vimeo Video Gallery WordPress Plugin	4.3	Medium	2024-06-21
CVE-2024-35771	WordPress Customizr theme <= 4.4.21 - Cross Site Request Forgery (CSRF) vulnerability — Customizr	4.3	Medium	2024-06-21
CVE-2024-35772	WordPress Hueman theme <= 3.7.24 - Cross Site Request Forgery (CSRF) vulnerability — Hueman	4.3	Medium	2024-06-21
CVE-2023-25697	WordPress GamiPress plugin <= 2.5.6 - CSRF Leading to Settings Change Vulnerability — GamiPress	5.4	Medium	2024-06-19
CVE-2023-50900	WordPress Master Slider plugin <= 3.9.10 - Cross Site Request Forgery (CSRF) vulnerability — Master Slider	4.3	Medium	2024-06-19
CVE-2024-5676	Paradox IP150 Internet Module Cross-Site Request Forgery — IP150 Internet Module	6.8	Medium	2024-06-19
CVE-2024-1407	Paid Memberships Pro <= 2.12.10 - Cross-Site Request Forgery to Membership Modification — Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions	5.4	Medium	2024-06-19
CVE-2024-5343	Photo Gallery, Images, Slider in Rbs Image Gallery <= 3.2.19 - Cross-Site Request Forgery to Post Creation and Limited Data Loss — Robo Gallery – Photo & Image Slider	8.8	High	2024-06-19
CVE-2024-4541	Custom Product List Table <= 3.0.0 - Cross-Site Request Forgery — Custom Product List Table	4.3	Medium	2024-06-19
CVE-2024-38276	moodle: CSRF risks due to misuse of confirm_sesskey — Moodle	8.8^AI	High^AI	2024-06-18
CVE-2024-5551	WP STAGING PRO - Backup Duplicator & Migration <= 5.6.0 - Cross-Site Request Forgery to Limited Local File Inclusion — WP STAGING Pro WordPress Backup Plugin	7.5	High	2024-06-14
CVE-2023-6492	Simple Sitemap <= 3.5.13 - Cross-Site Request Forgery via admin_notices — Simple Sitemap – Create a Responsive HTML Sitemap	4.3	Medium	2024-06-14
CVE-2024-0892	Schema App Structured Data <= 2.2.0 - Cross-Site Request Forgery — Schema App Structured Data	4.3	Medium	2024-06-14
CVE-2024-37306	CVAT's export and backup-related API endpoints are susceptible to CSRF — cvat	7.1	High	2024-06-13
CVE-2023-47845	WordPress Grab & Save plugin <= 1.0.4 - Cross-Site Request Forgery (CSRF) vulnerability — Grab & Save	4.3	Medium	2024-06-12
CVE-2024-35207	Siemens SINEC Traffic Analyzer 跨站请求伪造漏洞 — SINEC Traffic Analyzer	7.8	High	2024-06-11
CVE-2024-4403	CSRF in restart_program in parisneo/lollms-webui — parisneo/lollms-webui	8.1	-	2024-06-10
CVE-2024-5786	Cross-Site Request Forgery vulnerability in Comtrend router — Comtrend WLD71-T1_v2.0.201820	6.5	Medium	2024-06-10
CVE-2024-4328	CSRF in clear_personality_files_list in parisneo/lollms-webui — parisneo/lollms-webui	8.1	-	2024-06-10

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753