Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-35657 WordPress WP-Recall plugin <= 16.26.6 - Cross Site Request Forgery (CSRF) vulnerability — WP-Recall 5.4 Medium2024-06-08
CVE-2024-35684 WordPress ElasticPress plugin <= 5.1.1 - Cross Site Request Forgery (CSRF) vulnerability — ElasticPress 4.3 Medium2024-06-08
CVE-2024-35689 WordPress Analytify plugin <= 5.2.3 - Cross Site Request Forgery (CSRF) vulnerability — Analytify 5.4 Medium2024-06-08
CVE-2024-2288 CSRF File Upload Vulnerability in parisneo/lollms-webui — parisneo/lollms-webui 7.1AIHighAI2024-06-06
CVE-2024-1879 CSRF to RCE in significant-gravitas/autogpt — significant-gravitas/autogpt 8.8AIHighAI2024-06-06
CVE-2024-35673 WordPress Pure Chat plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability — Pure Chat 4.3 Medium2024-06-05
CVE-2024-2368 Mollie Forms <= 2.6.13 - Cross-Site Request Forgery to Arbitrary Post Duplication — Mollie Forms 4.3 Medium2024-06-05
CVE-2024-35632 WordPress Integration for Constant Contact and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability — Integration for Contact Form 7 and Constant Contact 4.3 Medium2024-06-03
CVE-2024-35638 WordPress ActiveDEMAND plugin <= 0.2.43 - Cross Site Request Forgery (CSRF) vulnerability — ActiveDEMAND 4.3 Medium2024-06-03
CVE-2024-4344 Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 19.1.13 - Cross-Site Request Forgery — Shield: Blocks Bots, Protects Users, and Prevents Security Breaches 4.3 Medium2024-06-02
CVE-2024-35636 WordPress Uploadcare File Uploader and Adaptive Delivery plugin <= 3.0.11 - Cross Site Request Forgery (CSRF) vulnerability — Uploadcare File Uploader and Adaptive Delivery (beta) 4.3 Medium2024-06-01
CVE-2024-34008 moodle: CSRF risk in analytics management of models 8.8 -2024-05-31
CVE-2024-34007 moodle: logout CSRF in admin/tool/mfa/auth.php 8.8 -2024-05-31
CVE-2024-34001 moodle: CSRF risk in admin preset tool management of presets 8.8 -2024-05-31
CVE-2024-4426 Comparison Slider <= 1.0.5 - Cross-Site Request Forgery — Comparison Slider 4.3 Medium2024-05-30
CVE-2024-3947 WP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_settings — WP To Do 4.3 Medium2024-05-30
CVE-2024-3945 WP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_manage() — WP To Do 4.3 Medium2024-05-30
CVE-2024-3943 WP To Do <= 1.3.0 - Cross-Site Request Forgery via wptodo_addcomment — WP To Do 4.3 Medium2024-05-30
CVE-2024-4218 AffiEasy <= 1.1.6 - Cross-Site Request Forgery to Various Actions — AffiEasy 6.5 Medium2024-05-30
CVE-2024-5185 Data Poisoning in EmbedAI — EmbedAI 7.3 High2024-05-29
CVE-2024-4429 Cross Site Request Forgery vulnerability in iManager — iManager 5.4 Medium2024-05-28
CVE-2024-5428 SourceCodester Simple Online Bidding System HTTP POST Request save_product cross-site request forgery — Simple Online Bidding System 4.3 Medium2024-05-28
CVE-2024-36255 Post actions can run playbook checklist task commands — Mattermost 5.7 Medium2024-05-26
CVE-2024-4409 WP-ViperGB <= 1.6.1 - Cross-Site Request Forgery — WP-ViperGB 4.3 Medium2024-05-24
CVE-2023-7045 Cross-Site Request Forgery (CSRF) in GitLab — GitLab 5.4 Medium2024-05-23
CVE-2024-1446 NextScripts: Social Networks Auto-Poster <= 4.4.3 - Cross-Site Request Forgery to Arbitrary Post Deletion — NextScripts: Social Networks Auto-Poster 5.4 Medium2024-05-22
CVE-2024-5097 SourceCodester Simple Inventory System tableedit.php#page=editprice cross-site request forgery — Simple Inventory System 4.3 Medium2024-05-19
CVE-2024-23554 HCL BigFix Platform is susceptible to Cross-Site Request Forgery — BigFix Platform 5.7 Medium2024-05-17
CVE-2024-34755 WordPress Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerability — Integration for Contact Form 7 and Salesforce 4.3 Medium2024-05-17
CVE-2024-34756 WordPress Integration for HubSpot and Contact Form 7 plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability — Integration for Contact Form 7 HubSpot 4.3 Medium2024-05-17

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.