CWE-352 (Cross-Site Request Forgery, CSRF) — Vulnerability Class 4750

4750 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery, CSRF). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4141 | Quran Translations <= 1.7 - Cross-Site Request Forgery to Playlist Settings Form — Quran Translations | 4.3 | Medium | 2026-04-08 |
| CVE-2026-3499 | Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce 13.4.6 - 13.5.2.1 - Cross-Site Request Forgery to Multiple Administrative Actions — Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce | 8.8 | High | 2026-04-08 |
| CVE-2026-4401 | Download Monitor <= 5.1.10 - Cross-Site Request Forgery to Download Path Deletion and Disabling — Download Monitor | 5.4 | Medium | 2026-04-07 |
| CVE-2026-39371 | RedwoodSDK has a CSRF vulnerability in server function dispatch via GET requests — sdk | 8.1 | High | 2026-04-07 |
| CVE-2026-34904 | WordPress Simple Social Media Share Buttons plugin <= 6.2.0 - Cross Site Request Forgery (CSRF) vulnerability — Simple Social Media Share Buttons | 7.5 | High | 2026-04-07 |
| CVE-2026-34896 | WordPress Under Construction, Coming Soon & Maintenance Mode plugin <= 2.1.1 - Cross Site Request Forgery (CSRF) vulnerability — Under Construction, Coming Soon & Maintenance Mode | 7.5 | High | 2026-04-07 |
| CVE-2026-35181 | WWBN AVideo Affected by CSRF on Player Skin Configuration via admin/playerUpdate.json.php — AVideo | 4.3 | Medium | 2026-04-06 |
| CVE-2026-35180 | WWBN AVideo affected by CSRF on Site Customization Endpoint Enables Logo Overwrite via Base64 File Write — AVideo | 4.3 | Medium | 2026-04-06 |
| CVE-2026-5624 | ProjectSend upload.php cross-site request forgery — ProjectSend | 4.3 | Medium | 2026-04-06 |
| CVE-2019-25682 | CMSsite 1.0 Cross-Site Request Forgery via users.php — CMSsite | 4.3 | Medium | 2026-04-05 |
| CVE-2026-5572 | Technostrobe HI-LED-WR120-G2 cross-site request forgery — HI-LED-WR120-G2 | 4.3 | Medium | 2026-04-05 |
| CVE-2016-20053 | Redaxo CMS 5.2 Cross-Site Request Forgery via users endpoint — Redaxo CMS | 5.3 | Medium | 2026-04-04 |
| CVE-2016-20051 | Snews CMS 1.7 Cross-Site Request Forgery via changeup — Snews CMS Cross Site Request Forgery | 5.3 | Medium | 2026-04-04 |
| CVE-2026-34228 | Emlog: CSRF in Backend Upgrade Interface Leading to Arbitrary Remote SQL Execution and Arbitrary File Write — emlog | 8.8 (AI) | High (AI) | 2026-04-03 |
| CVE-2025-36375 | IBM DataPower Gateway vulnerable to CSRF — DataPower Gateway 10.6CD | 6.5 | Medium | 2026-04-01 |
| CVE-2026-34749 | Payload has a CSRF Protection Bypass in Authentication Flow — payload | 5.4 | Medium | 2026-04-01 |
| CVE-2026-34613 | AVideo: CSRF on Plugin Enable/Disable Endpoint Allows Disabling Security Plugins — AVideo | 6.5 | Medium | 2026-03-31 |
| CVE-2026-34611 | AVideo: CSRF on emailAllUsers.json.php Enables Mass Phishing Email to All Users — AVideo | 6.5 | Medium | 2026-03-31 |
| CVE-2026-34394 | AVideo: CSRF on Admin Plugin Configuration Enables Payment Credential Hijacking — AVideo | 8.1 | High | 2026-03-31 |
| CVE-2026-34384 | Admidio: Missing CSRF Protection on Registration Approval Actions — admidio | 4.5 | Medium | 2026-03-31 |
| CVE-2026-34382 | Admidio: Missing CSRF Protection on Custom List Deletion in mylist_function.php — admidio | 4.6 | Medium | 2026-03-31 |
| CVE-2026-3191 | Minify HTML <= 2.1.12 - Cross-Site Request Forgery to Plugin Settings Update — Minify HTML | 5.4 | Medium | 2026-03-31 |
| CVE-2026-4315 | WatchGuard Firebox Cross-Site Request Forgery (CSRF) in Fireware Web UI — Fireware OS | 6.5 | - | 2026-03-30 |
| CVE-2026-4971 | SourceCodester Note Taking App cross-site request forgery — Note Taking App | 4.3 | Medium | 2026-03-27 |
| CVE-2026-4968 | SourceCodester Diary App diary.php cross-site request forgery — Diary App | 4.3 | Medium | 2026-03-27 |
| CVE-2026-4393 | Automated Logout - Moderately critical - Cross-site request forgery - SA-CONTRIB-2026-030 — Automated Logout | 8.1 (AI) | High (AI) | 2026-03-26 |
| CVE-2026-1032 | Conditional Menus <= 1.2.6 - Cross-Site Request Forgery to Menu Options Update — Conditional Menus | 4.3 | Medium | 2026-03-26 |
| CVE-2025-15101 | ASUS Router security vulnerability — Router | 8.8 | - | 2026-03-26 |
| CVE-2025-36422 | IBM InfoSphere Information Server is vulnerable to cross-site request forgery — InfoSphere Information Server | 4.3 | Medium | 2026-03-25 |
| CVE-2026-3857 | Cross-Site Request Forgery (CSRF) in GitLab — GitLab | 8.1 | High | 2026-03-25 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery, CSRF) represent 4750 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.