CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4754

4754 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-0767 | Envo's Elementor Templates & Widgets for WooCommerce <= 1.4.4 - Cross-Site Request Forgery via ajax_plugin_activation — Envo's Templates & Widgets for Elementor and WooCommerce | 4.3 | Medium | 2024-02-28 |
| CVE-2024-1954 | Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.1.8 - Cross-Site Request Forgery — Oliver POS – A WooCommerce Point of Sale (POS) | 6.3 | Medium | 2024-02-28 |
| CVE-2024-0431 | Gestpay for WooCommerce <= 20221130 - Cross-Site Request Forgery (CSRF) via ajax_set_default_card — Ecommerce Fabrick | 4.3 | Medium | 2024-02-28 |
| CVE-2024-0432 | Gestpay for WooCommerce <= 20221130 - Cross-Site Request Forgery (CSRF) via ajax_delete_card — Ecommerce Fabrick | 4.3 | Medium | 2024-02-28 |
| CVE-2024-0768 | Envo's Elementor Templates & Widgets for WooCommerce <= 1.4.4 - Cross-Site Request Forgery via ajax_theme_activation — Envo's Templates & Widgets for Elementor and WooCommerce | 4.3 | Medium | 2024-02-28 |
| CVE-2024-0433 | Gestpay for WooCommerce <= 20221130 - Cross-Site Request Forgery (CSRF) via ajax_unset_default_card — Ecommerce Fabrick | 4.3 | Medium | 2024-02-28 |
| CVE-2024-1943 | Yuki <= 1.3.14 - Cross-Site Request Forgery to Theme Setting Reset — Yuki | 4.3 | Medium | 2024-02-28 |
| CVE-2024-1910 | Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxClearCategory — Categorify – WordPress Media Library Category & File Manager | 4.3 | Medium | 2024-02-27 |
| CVE-2024-1906 | Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxAddCategory — Categorify – WordPress Media Library Category & File Manager | 4.3 | Medium | 2024-02-27 |
| CVE-2024-1912 | Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxUpdateFolderPosition — Categorify – WordPress Media Library Category & File Manager | 4.3 | Medium | 2024-02-27 |
| CVE-2024-1909 | Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxRenameCategory — Categorify – WordPress Media Library Category & File Manager | 4.3 | Medium | 2024-02-27 |
| CVE-2024-1907 | Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxDeleteCategory — Categorify – WordPress Media Library Category & File Manager | 4.3 | Medium | 2024-02-27 |
| CVE-2024-1889 | Cross-Site Request Forgery vulnerability in SMA Cluster Controller — SMA Cluster Controller | 8.8 | High | 2024-02-26 |
| CVE-2023-32344 | IBM Cognos Analytics cross-site request forgery — Cognos Analytics | 4.3 | Medium | 2024-02-24 |
| CVE-2024-1360 | Colibri WP <= 1.0.94 - Cross-Site Request Forgery to Limited Plugin Installation — Colibri WP | 4.3 | Medium | 2024-02-23 |
| CVE-2024-1361 | Colibri Page Builder <= 1.0.253 - Cross-Site Request Fogery via extend_builder — Colibri Page Builder | 4.3 | Medium | 2024-02-23 |
| CVE-2024-1362 | Colibri Page Builder <= 1.0.253 - Cross-Site Request Fogery via cp_shortcode_refresh — Colibri Page Builder | 4.3 | Medium | 2024-02-23 |
| CVE-2024-1777 | Admin side data storage for Contact Form 7 <= 1.1.1 - Cross-Site Request Forgery — Admin side data storage for Contact Form 7 | 4.3 | Medium | 2024-02-23 |
| CVE-2024-24798 | WordPress Debug Plugin <= 1.10 is vulnerable to Cross Site Request Forgery (CSRF) — Debug | 4.3 | Medium | 2024-02-21 |
| CVE-2024-24802 | WordPress JTRT Responsive Tables Plugin <= 4.1.9 is vulnerable to Cross Site Request Forgery (CSRF) — JTRT Responsive Tables | 4.3 | Medium | 2024-02-21 |
| CVE-2024-24837 | Cross-Site Request Forgery (CSRF) vulnerability in FG PrestaShop, FG Drupal and FG Joomla WordPress plugins — FG PrestaShop to WooCommerce | 4.3 | Medium | 2024-02-21 |
| CVE-2024-24843 | WordPress PowerPack Pro for Elementor Plugin < 2.10.8 is vulnerable to Cross Site Request Forgery (CSRF) — PowerPack Pro for Elementor | 7.1 | High | 2024-02-21 |
| CVE-2024-24849 | WordPress Quicksand Post Filter jQuery Plugin Plugin <= 3.1.1 is vulnerable to Cross Site Request Forgery (CSRF) — Quicksand Post Filter jQuery Plugin | 4.3 | Medium | 2024-02-21 |
| CVE-2024-24872 | WordPress Themify Builder Plugin <= 7.0.5 is vulnerable to Cross Site Request Forgery (CSRF) — Themify Builder | 4.3 | Medium | 2024-02-21 |
| CVE-2024-24876 | WordPress Admin Menu Editor Plugin <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF) — Admin Menu Editor | 4.3 | Medium | 2024-02-21 |
| CVE-2024-25904 | WordPress TinyMCE Professional Formats and Styles Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) — TinyMCE and TinyMCE Advanced Professsional Formats and Styles | 4.3 | Medium | 2024-02-21 |
| CVE-2024-25905 | WordPress Multi Step Form Plugin <= 1.7.18 is vulnerable to Cross Site Request Forgery (CSRF) — Multi Step Form | 5.4 | Medium | 2024-02-21 |
| CVE-2024-1501 | Database Reset <= 3.22 - Cross-Site Request Forgery to WP Reset Plugin Installation — Database Reset | 4.7 | Medium | 2024-02-21 |
| CVE-2024-0516 | Royal Elementor Addons and Templates <= 1.3.87 - Missing Authorization via wpr_update_form_action_meta — Royal Addons for Elementor – Addons and Templates Kit for Elementor | 5.3 | Medium | 2024-02-20 |
| CVE-2024-1336 | ImageRecycle pdf & image compression <= 3.1.13 - Cross-Site Request Forgery to Settings Update in optimizeAllOn — ImageRecycle pdf & image compression | 4.3 | Medium | 2024-02-20 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) represent 4754 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.