Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4754

4754 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-31096 WordPress Nictitate theme <= 1.1.4 - Cross Site Request Forgery (CSRF) vulnerability — Nictitate 4.3 Medium2024-03-31
CVE-2024-31100 WordPress Popup Cart Lite for WooCommerce plugin <= 1.1 - Cross Site Request Forgery (CSRF) vulnerability — Popup Cart Lite for WooCommerce 5.4 Medium2024-03-31
CVE-2024-1522 Cross-Site Request Forgery (CSRF) Leading to Remote Code Execution in parisneo/lollms-webui — parisneo/lollms-webui 7.4AIHighAI2024-03-30
CVE-2024-3089 PHPGurukul Emergency Ambulance Hiring Portal Manage Ambulance Page manage-ambulance.php cross-site request forgery — Emergency Ambulance Hiring Portal 4.3 Medium2024-03-30
CVE-2024-30455 WordPress GamiPress plugin <= 6.8.5 - Cross Site Request Forgery (CSRF) vulnerability — GamiPress 4.3 Medium2024-03-29
CVE-2024-30460 WordPress Tumult Hype Animations plugin <= 1.9.11 - Cross Site Request Forgery (CSRF) vulnerability — Tumult Hype Animations 4.3 Medium2024-03-29
CVE-2024-30454 WordPress WP SMS plugin <= 6.6.2 - Cross Site Request Forgery (CSRF) vulnerability — WP SMS 4.3 Medium2024-03-29
CVE-2024-30462 WordPress HUSKY plugin <= 1.3.5.1 - Cross Site Request Forgery (CSRF) vulnerability — HUSKY – Products Filter for WooCommerce (formerly WOOF) 4.3 Medium2024-03-29
CVE-2024-30468 WordPress All-In-One Security (AIOS) – Security and Firewall plugin <= 5.2.6 - Cross Site Request Forgery (CSRF) vulnerability — All In One WP Security & Firewall 4.3 Medium2024-03-29
CVE-2024-30482 WordPress Simple Revisions Delete plugin <= 1.5.3 - Cross Site Request Forgery (CSRF) vulnerability — Simple Revisions Delete 4.3 Medium2024-03-29
CVE-2024-30518 WordPress Custom WooCommerce Checkout Fields Editor plugin <= 1.3.0 - Cross Site Request Forgery (CSRF) vulnerability — Custom WooCommerce Checkout Fields Editor 4.3 Medium2024-03-29
CVE-2024-30521 WordPress Landingi Landing Pages plugin <= 3.1.1 - Cross Site Request Forgery (CSRF) vulnerability — Landingi Landing Pages 5.4 Medium2024-03-29
CVE-2024-30493 WordPress Church Admin plugin <= 4.1.7 - Cross Site Request Forgery (CSRF) vulnerability — Church Admin 4.3 Medium2024-03-29
CVE-2024-30456 WordPress WPCS – WordPress Currency Switcher Professional plugin <=1.2.0.1 - Cross Site Request Forgery (CSRF) vulnerability — WPCS 4.3 Medium2024-03-29
CVE-2024-30457 WordPress MDTF plugin <= 1.3.3.1 - Cross Site Request Forgery (CSRF) vulnerability — WordPress Meta Data and Taxonomies Filter (MDTF) 4.3 Medium2024-03-29
CVE-2024-30458 WordPress FOX – Currency Switcher Professional for WooCommerce plugin <= 1.4.1.7 - Cross Site Request Forgery (CSRF) vulnerability — WOOCS – WooCommerce Currency Switcher 4.3 Medium2024-03-29
CVE-2024-2964 Pocket News Generator <= 0.2.0 - Cross-Site Request Forgery to Settings Update — Pocket News Generator 5.4 Medium2024-03-29
CVE-2024-2113 Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress <= 3.8.0 - Cross-Site Request Forgery to Publicly Accessible Form Submission Export — Ninja Forms – The Contact Form Builder That Grows With You 4.3 Medium2024-03-29
CVE-2024-2970 News Wall <= 1.1.0 - Cross-Site Request Forgery to Plugin Settings Update — News Wall 4.3 Medium2024-03-29
CVE-2024-2969 WP-Eggdrop <= 0.1 - Cross-Site Request Forgery to Settings Update — WP-Eggdrop 5.4 Medium2024-03-29
CVE-2024-30421 WordPress Events Manager plugin <= 6.4.7.1 - Cross Site Request Forgery (CSRF) vulnerability — Events Manager 4.3 Medium2024-03-28
CVE-2022-45850 WordPress Image Map Pro premium plugin < 5.6.9 - Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) — Image Map Pro 6.1 Medium2024-03-28
CVE-2024-2110 Events Manager <= 6.4.7.1 - Cross-Site Request Forgery — Events Manager – Calendar, Bookings, Tickets, and more! 4.3 Medium2024-03-28
CVE-2022-45847 WordPress Countdown Widget plugin <= 3.1.9.1 - Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) — WordPress Countdown Widget 6.1 Medium2024-03-27
CVE-2024-23510 WordPress Don't Muck My Markup plugin <= 1.8 - Cross Site Request Forgery (CSRF) vulnerability — Don't Muck My Markup 4.3 Medium2024-03-27
CVE-2024-23515 WordPress Cincopa video and media plugin <= 1.159 - Cross Site Request Forgery (CSRF) vulnerability — Post Video Players 5.4 Medium2024-03-27
CVE-2023-39311 WordPress Avada Builder plugin <= 3.11.1 - Cross Site Request Forgery (CSRF) vulnerability — Fusion Builder 7.1 High2024-03-27
CVE-2023-44999 WordPress WooCommerce Stripe Gateway plugin <= 7.6.0 - Cross Site Request Forgery (CSRF) vulnerability — WooCommerce Stripe Payment Gateway 5.4 Medium2024-03-27
CVE-2024-29773 WordPress BizPrint plugin <= 4.5.5 - CSRF to XSS vulnerability — BizPrint 7.1 High2024-03-27
CVE-2024-2911 Tianjin PubliCMS cross-site request forgery — PubliCMS 4.3 Medium2024-03-26

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4754 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.