CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-34806	WordPress Clearfy Cache plugin <= 2.2.1 - Cross Site Request Forgery (CSRF) vulnerability — Clearfy Cache	4.3	Medium	2024-05-17
CVE-2024-34807	WordPress Fast Custom Social Share by CodeBard plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerability — Fast Custom Social Share by CodeBard	4.3	Medium	2024-05-17
CVE-2024-34809	WordPress EmpowerWP theme <= 1.0.21 - Cross Site Request Forgery (CSRF) vulnerability — EmpowerWP	4.3	Medium	2024-05-17
CVE-2024-27955	WordPress Automatic plugin <= 3.92.0 - CSRF to Privilege Escalation vulnerability — Automatic	8.8	High	2024-05-17
CVE-2023-44478	WordPress Events Rich Snippets for Google plugin <= 1.8 - CSRF Leading to Privilege Escalation vulnerability — Events Rich Snippets for Google	7.1	High	2024-05-17
CVE-2024-4204	Bulk Posts Editing For WordPress <= 4.2.3 - Cross-Site Request Forgery — WPBULKiT – Bulk Edit WordPress Posts & Pages	4.3	Medium	2024-05-16
CVE-2024-4929	SourceCodester Simple Online Bidding System cross-site request forgery — Simple Online Bidding System	4.3	Medium	2024-05-16
CVE-2024-34818	WordPress Webinar plugin <= 1.33.17 - Cross Site Request Forgery (CSRF) vulnerability — WebinarPress	7.1	High	2024-05-10
CVE-2024-34814	WordPress Unyson plugin <=2.7.29 - Cross Site Request Forgery (CSRF) vulnerability — Unyson	5.4	Medium	2024-05-10
CVE-2024-34816	WordPress WPCal.io plugin <= 0.9.5.8 - Cross Site Request Forgery (CSRF) vulnerability — WPCal.io – Easy Meeting Scheduler	5.4	Medium	2024-05-10
CVE-2024-34817	WordPress Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability — Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms	4.3	Medium	2024-05-10
CVE-2024-31113	WordPress Easy Digital Downloads plugin <= 3.2.11 - Cross Site Request Forgery (CSRF) vulnerability — Easy Digital Downloads	4.3	Medium	2024-05-10
CVE-2024-4689	WordPress ShortPixel Adaptive Images plugin <= 3.8.3 - Cross Site Request Forgery (CSRF) vulnerability — ShortPixel Adaptive Images	4.3	Medium	2024-05-10
CVE-2024-34823	WordPress Arigato Autoresponder and Newsletter plugin <= 2.7.2.3 - Cross Site Request Forgery (CSRF) vulnerability — Arigato Autoresponder and Newsletter	4.3	Medium	2024-05-10
CVE-2024-34825	WordPress Social Warfare plugin <= 4.4.5.1 - Cross Site Request Forgery (CSRF) vulnerability — Social Warfare	4.3	Medium	2024-05-10
CVE-2024-34827	WordPress Translate Multilingual sites – TranslatePress plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerability — TranslatePress	4.3	Medium	2024-05-10
CVE-2024-34828	WordPress Church Admin plugin <= 4.1.32 - Cross Site Request Forgery (CSRF) vulnerability — Church Admin	4.3	Medium	2024-05-10
CVE-2024-4463	Squelch Tabs and Accordions Shortcodes <= 0.4.7 - Cross-Site Request Forgery — Squelch Tabs and Accordions Shortcodes	4.3	Medium	2024-05-09
CVE-2024-4082	Joli FAQ SEO – WordPress FAQ Plugin <= 1.3.2 - Cross-Site Request Forgery — Joli FAQ SEO – WordPress FAQ Plugin	4.3	Medium	2024-05-09
CVE-2024-4103	ADFO – Custom data in admin dashboard <= 1.9.0 - Cross-Site Request Forgery — ADFO – Custom data in admin dashboard	4.3	Medium	2024-05-09
CVE-2024-4314	hostel <= 1.1.5.3 - Cross-Site Request Forgery — Hostel	4.3	Medium	2024-05-09
CVE-2024-4312	Soccer Engine – Soccer Plugin for WordPress <= 1.12 - Cross-Site Request Forgery — Soccer Engine – Soccer Plugin for WordPress	4.3	Medium	2024-05-09
CVE-2024-34439	WordPress DS Site Message plugin <= 1.14.4 - Cross Site Request Forgery (CSRF) vulnerability — DS Site Message	4.3	Medium	2024-05-09
CVE-2024-34427	WordPress WP Favorite Posts plugin <= 1.6.8 - Cross Site Request Forgery (CSRF) vulnerability — WP Favorite Posts	4.3	Medium	2024-05-09
CVE-2024-34557	WordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.5.4 - Cross Site Request Forgery (CSRF) vulnerability — Barcode Scanner with Inventory & Order Manager	4.3	Medium	2024-05-09
CVE-2024-4597	Cross-Site Request Forgery (CSRF) in GitLab — GitLab	5.7	Medium	2024-05-09
CVE-2024-4594	DedeCMS sys_safe.php cross-site request forgery — DedeCMS	4.3	Medium	2024-05-07
CVE-2024-4593	DedeCMS sys_multiserv.php cross-site request forgery — DedeCMS	4.3	Medium	2024-05-07
CVE-2024-4592	DedeCMS sys_group_edit.php cross-site request forgery — DedeCMS	4.3	Medium	2024-05-07
CVE-2024-4591	DedeCMS sys_group_add.php cross-site request forgery — DedeCMS	4.3	Medium	2024-05-07

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4753