CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4754

4754 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-31293	WordPress Easy Digital Downloads plugin <= 3.2.6 - Cross Site Request Forgery (CSRF) vulnerability — Easy Digital Downloads	4.3	Medium	2024-04-12
CVE-2024-31301	WordPress Multiple Page Generator Plugin – MPG plugin <= 3.4.0 - Cross Site Request Forgery (CSRF) vulnerability — Multiple Page Generator Plugin – MPG	5.4	Medium	2024-04-12
CVE-2024-31303	WordPress Sign-up Sheets plugin <= 2.2.11.1 - Cross Site Request Forgery (CSRF) vulnerability — Sign-up Sheets	4.3	Medium	2024-04-12
CVE-2024-31305	WordPress Transcoder plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerability — Transcoder	4.3	Medium	2024-04-12
CVE-2024-31354	WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Cross Site Request Forgery (CSRF) vulnerability — Slideshow Gallery	4.3	Medium	2024-04-12
CVE-2024-31360	WordPress Benchmark Email Lite plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerability — Benchmark Email Lite	4.3	Medium	2024-04-12
CVE-2024-31362	WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerability — ProfileGrid	4.3	Medium	2024-04-12
CVE-2024-31363	WordPress LifterLMS plugin <= 7.5.0 - Cross Site Request Forgery (CSRF) vulnerability — LifterLMS	4.3	Medium	2024-04-12
CVE-2024-31364	WordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability — ELEX WooCommerce Dynamic Pricing and Discounts	4.3	Medium	2024-04-12
CVE-2024-31371	WordPress WP Event Aggregator plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerability — WP Event Aggregator	4.3	Medium	2024-04-12
CVE-2024-31372	WordPress No-Bot Registration plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability — No-Bot Registration	4.3	Medium	2024-04-12
CVE-2024-32105	WordPress ELEX WooCommerce Dynamic Pricing and Discounts plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability — ELEX WooCommerce Dynamic Pricing and Discounts	4.3	Medium	2024-04-11
CVE-2024-32106	WordPress WP Compress plugin <= 6.10.35 - Cross Site Request Forgery (CSRF) vulnerability — WP Compress – Image Optimizer [All-In-One]	4.3	Medium	2024-04-11
CVE-2024-32107	WordPress Finale Lite plugin <= 2.18.0 - Cross Site Request Forgery (CSRF) vulnerability — Finale Lite	4.3	Medium	2024-04-11
CVE-2024-32108	WordPress Convert Post Types plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability — Convert Post Types	4.3	Medium	2024-04-11
CVE-2024-32109	WordPress WP Matterport Shortcode plugin <= 2.1.9 - Cross Site Request Forgery (CSRF) vulnerability — WP Matterport Shortcode	4.3	Medium	2024-04-11
CVE-2024-31932	WordPress Blocksy Companion plugin <= 2.0.28 - Cross Site Request Forgery (CSRF) vulnerability — Blocksy Companion	5.4	Medium	2024-04-11
CVE-2024-31934	WordPress Link Whisper Free plugin <= 0.6.9 - Cross Site Request Forgery (CSRF) vulnerability — Link Whisper Free	4.3	Medium	2024-04-11
CVE-2024-31935	WordPress Simple Post Notes plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerability — Simple Post Notes	4.3	Medium	2024-04-11
CVE-2024-31936	WordPress UsersWP plugin < 1.2.6 - Cross Site Request Forgery (CSRF) vulnerability — UsersWP	5.4	Medium	2024-04-11
CVE-2024-31285	WordPress WordPress Tooltips plugin <= 9.5.3 - Cross Site Request Forgery (CSRF) vulnerability — WordPress Tooltips	7.1	High	2024-04-11
CVE-2024-32112	WordPress Leadinfo plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability — Leadinfo	4.3	Medium	2024-04-11
CVE-2024-31988	XWiki Platform CSRF remote code execution through the realtime HTML Converter API — xwiki-platform	9.7	Critical	2024-04-10
CVE-2024-31986	XWiki Platform CSRF remote code execution through scheduler job's document reference — xwiki-platform	9.1	Critical	2024-04-10
CVE-2024-31985	XWiki Platform CSRF in the job scheduler — xwiki-platform	5.4	Medium	2024-04-10
CVE-2024-31939	WordPress Import any XML or CSV File to WordPress plugin <= 3.7.3 - Cross Site Request Forgery (CSRF) vulnerability — Import any XML or CSV File to WordPress	4.3	Medium	2024-04-10
CVE-2024-31430	Cross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR and WOLF WordPress plugins — WOLF – WordPress Posts Bulk Editor and Manager Professional	4.3	Medium	2024-04-10
CVE-2024-31386	Multiple WordPress themes affected by Cross-Site Request Forgery vulnerability — X-T9	4.3	Medium	2024-04-10
CVE-2024-31943	WordPress USPS Shipping for WooCommerce plugin <= 1.9.2 - Cross Site Request Forgery (CSRF) vulnerability — USPS Shipping for WooCommerce – Live Rates	4.3	Medium	2024-04-10
CVE-2024-31944	WordPress WooCommerce UPS Shipping plugin <= 2.2.4 - Cross Site Request Forgery (CSRF) vulnerability — WooCommerce UPS Shipping – Live Rates and Access Points	4.3	Medium	2024-04-10

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4754 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4754