Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4754

4754 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2024-2951 WordPress RegistrationMagic plugin <= 5.3.0.0 - Cross Site Request Forgery (CSRF) vulnerability — RegistrationMagic 4.3 Medium2024-03-26
CVE-2024-2904 WordPress Calliope theme <= 1.0.33 - Cross Site Request Forgery (CSRF) vulnerability — Calliope 4.3 Medium2024-03-26
CVE-2023-49838 Cross-Site Request Forgery (CSRF) vulnerability in multiple themes by KlbTheme — Clotya theme 4.3 Medium2024-03-26
CVE-2023-51416 WordPress EnvíaloSimple plugin <= 2.2 - Cross Site Request Forgery (CSRF) vulnerability — EnvíaloSimple 6.5 Medium2024-03-26
CVE-2024-2326 Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin <= 3.6.3 - Cross-Site Request Forgery to Plugin Settings Update — PrettyLinks – Affiliate Links, Link Branding, Link Tracking, Marketing and Stripe Payments Plugin 4.3 Medium2024-03-23
CVE-2024-2823 DedeCMS mda_main.php cross-site request forgery — DedeCMS 4.3 Medium2024-03-22
CVE-2024-2822 DedeCMS vote_edit.php cross-site request forgery — DedeCMS 4.3 Medium2024-03-22
CVE-2024-2821 DedeCMS friendlink_edit.php cross-site request forgery — DedeCMS 4.3 Medium2024-03-22
CVE-2024-2820 DedeCMS baidunews.php cross-site request forgery — DedeCMS 4.3 Medium2024-03-22
CVE-2024-2449 LoadMaster Cross-Site Request Forgery (CSRF) — LoadMaster 7.5 High2024-03-22
CVE-2024-2817 Tenda AC15 SysToolRestoreSet fromSysToolRestoreSet cross-site request forgery — AC15 4.3 Medium2024-03-22
CVE-2024-2816 Tenda AC15 SysToolReboot fromSysToolReboot cross-site request forgery — AC15 4.3 Medium2024-03-22
CVE-2024-1727 CSRF Vulnerability in gradio-app/gradio — gradio-app/gradio 7.1 -2024-03-21
CVE-2024-27968 WordPress Super Page Cache for Cloudflare plugin <= 4.7.5 - Cross Site Request Forgery (CSRF) to XSS vulnerability — Super Page Cache for Cloudflare 7.1 High2024-03-21
CVE-2024-29019 ESPHome vulnerable to Authentication bypass via Cross site request forgery — esphome 8.1 High2024-03-21
CVE-2024-27967 WordPress DSGVO All in one for WP plugin <= 4.3 - Cross Site Request Forgery (CSRF) vulnerability — DSGVO All in one for WP 4.3 Medium2024-03-21
CVE-2024-2741 Cross-Site Request Forgery in Planet IGS-4215-16T2S — IGS-4215-16T2S 7.1 High2024-03-21
CVE-2024-1538 File Manager <= 7.2.4 - Cross-Site Request Forgery to Local JS File Inclusion — File Manager 8.8 High2024-03-21
CVE-2024-2748 CSRF vulnerability was identified in GitHub Enterprise Server that allowed performing actions on behalf of a user — Enterprise Server 4.3 Medium2024-03-20
CVE-2024-29026 Owncast cross origin request — owncast 8.2 High2024-03-20
CVE-2024-1325 Live Sales Notification for Woocommerce – Woomotiv <= 3.4.3 - Cross-Site Request Forgery via ajax_cancel_review — Live Sales Notification for Woocommerce – Woomotiv 4.3 Medium2024-03-20
CVE-2024-1785 Contests by Rewards Fuel <= 2.0.62 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Contests by Rewards Fuel 5.4 Medium2024-03-20
CVE-2024-29093 WordPress Builder for WooCommerce reviews shortcodes – ReviewShort plugin <= 1.01.3 - Cross Site Request Forgery (CSRF) vulnerability — Builder for WooCommerce reviews shortcodes – ReviewShort 4.3 Medium2024-03-19
CVE-2024-27439 Apache Wicket: Possible bypass of CSRF protection — Apache Wicket 8.8 -2024-03-19
CVE-2024-2560 Tenda AC18 SysToolRestoreSet fromSysToolRestoreSet cross-site request forgery — AC18 4.3 Medium2024-03-17
CVE-2024-2559 Tenda AC18 SysToolReboot fromSysToolReboot cross-site request forgery — AC18 4.3 Medium2024-03-17
CVE-2024-27194 WordPress Fontific plugin <= 0.1.6 - CSRF to XSS vulnerability — Fontific | Google Fonts 7.1 High2024-03-16
CVE-2024-27195 WordPress Watermark RELOADED plugin <= 1.3.5 - CSRF to XSS vulnerability — Watermark RELOADED 7.1 High2024-03-16
CVE-2024-27197 WordPress BeePress plugin <= 6.9.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — BeePress 7.1 High2024-03-16
CVE-2023-51474 WordPress TerraClassifieds plugin <= 2.0.3 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerability — TerraClassifieds 8.8 High2024-03-16

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4754 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.