CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4753

4753 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-4590 | DedeCMS sys_info.php cross-site request forgery — DedeCMS | 4.3 | Medium | 2024-05-07 |
| CVE-2024-4589 | DedeCMS mytag_edit.php cross-site request forgery — DedeCMS | 4.3 | Medium | 2024-05-07 |
| CVE-2024-4588 | DedeCMS mytag_add.php cross-site request forgery — DedeCMS | 4.3 | Medium | 2024-05-07 |
| CVE-2024-4587 | DedeCMS tpl.php cross-site request forgery — DedeCMS | 4.3 | Medium | 2024-05-07 |
| CVE-2024-4586 | DedeCMS shops_delivery.php cross-site request forgery — DedeCMS | 4.3 | Medium | 2024-05-07 |
| CVE-2024-4585 | DedeCMS member_type.php cross-site request forgery — DedeCMS | 4.3 | Medium | 2024-05-07 |
| CVE-2024-4600 | Cross-Site Request Forgery vulnerability in Socomec Net Vision — Net vision | 7.1 | High | 2024-05-07 |
| CVE-2024-34379 | WordPress Restaurant and Cafe theme <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability — Restaurant and Cafe | 4.3 | Medium | 2024-05-06 |
| CVE-2024-34367 | WordPress Popup Box plugin <= 4.1.2 - CSRF to XSS vulnerability — Popup box | 7.1 | High | 2024-05-06 |
| CVE-2024-34069 | Werkzeug's improper usage of a pathname and improper CSRF protection results in the remote command execution — werkzeug | 7.5 | High | 2024-05-06 |
| CVE-2023-7065 | Stop Spammers Security \| Block Spam Users, Comments, Forms <= 2024.4 - Cross-Site Request Forgery (CSRF) via sfs_process — Stop Spammers Classic | 5.4 | Medium | 2024-05-04 |
| CVE-2024-4086 | CM Tooltip Glossary – Powerful Glossary Plugin <= 4.2.11 - Cross-Site Request Forgery — CM Tooltip Glossary | 4.3 | Medium | 2024-05-02 |
| CVE-2024-2960 | SVS Pricing Tables <= 1.0.4 - Cross-Site Request Forgery to Pricing Table Deletion — SVS Pricing Tables | 4.3 | Medium | 2024-05-02 |
| CVE-2024-1415 | Responsive Contact Form Builder & Lead Generation Plugin <= 1.8.9 - Cross-Site Request Forgery — Lead Form Builder & Contact Form | 4.3 | Medium | 2024-05-02 |
| CVE-2024-1416 | Responsive Contact Form Builder & Lead Generation Plugin <= 1.8.9 - Missing Authorization — Lead Form Builder & Contact Form | 4.3 | Medium | 2024-05-02 |
| CVE-2024-0613 | Delete Custom Fields <= 0.3.1 - Cross-Site Request Forgery to Post Meta Deletion — Delete Custom Fields | 6.1 | Medium | 2024-05-02 |
| CVE-2024-3215 | Paid Memberships Pro <= 3.0.1 - Cross-Site Request Forgery — Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions | 5.3 | Medium | 2024-05-02 |
| CVE-2024-2959 | SVS Pricing Tables <= 1.0.4 - Cross-Site Request Forgery to Pricing Table Edit/Creation — SVS Pricing Tables | 4.3 | Medium | 2024-05-02 |
| CVE-2024-0847 | 5280 Bootstrap Modal Contact Form <= 1.0 - Cross-Site Request Forgery to Bulk Delete Messages — 5280 Bootstrap Modal Contact Form | 4.3 | Medium | 2024-05-02 |
| CVE-2024-4083 | Easy Restaurant Table Booking <= 1.0.0 - Cross-Site Request Forgery — Easy Restaurant Table Booking | 4.3 | Medium | 2024-05-02 |
| CVE-2024-4128 | CSRF in firebase-tools emulator suite — firebase-tools | 2.6 | Low | 2024-05-02 |
| CVE-2024-33913 | WordPress Xserver Migrator plugin <= 1.6.1 - CSRF to Arbitrary File Upload vulnerability — Xserver Migrator | 9.6 | Critical | 2024-05-02 |
| CVE-2024-33681 | WordPress Regenerate post permalink plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) leading to XSS vulnerability — Regenerate post permalink | 7.1 | High | 2024-04-29 |
| CVE-2024-33632 | WordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Cross Site Request Forgery (CSRF) vulnerability — Piotnet Addons For Elementor Pro | 5.4 | Medium | 2024-04-29 |
| CVE-2024-33646 | WordPress Sticky Anything plugin <= 2.1.5 - Broken Access Control to XSS vulnerability — Sticky Anything | 7.1 | High | 2024-04-29 |
| CVE-2024-33688 | WordPress Teluro theme <= 1.0.31 - Cross Site Request Forgery (CSRF) vulnerability — Teluro | 4.3 | Medium | 2024-04-26 |
| CVE-2024-33689 | WordPress Radio Station plugin <= 2.5.7 - Cross Site Request Forgery (CSRF) vulnerability — Radio Station | 4.3 | Medium | 2024-04-26 |
| CVE-2024-33690 | WordPress Financio theme <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerability — Financio | 4.3 | Medium | 2024-04-26 |
| CVE-2024-33691 | WordPress Popup Builder by OptinMonster plugin <= 2.15.3 - Cross Site Request Forgery (CSRF) Notice Dismissal vulnerability — OptinMonster | 4.3 | Medium | 2024-04-26 |
| CVE-2024-33677 | WordPress Contact Form 7 Extension For Mailchimp plugin <= 0.5.70 - Cross Site Request Forgery (CSRF) vulnerability — Contact Form 7 Extension For Mailchimp | 4.3 | Medium | 2024-04-26 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) account for 4753 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.