Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4754

4754 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-28923 WordPress No Disposable Email plugin <= 2.5.1 - CSRF to Stored XSS vulnerability — No Disposable Email 7.1 High2025-03-11
CVE-2025-28913 WordPress WP Add Active Class To Menu Item plugin <=1.0 - Cross Site Request Forgery (CSRF) vulnerability — WP Add Active Class To Menu Item 4.3 Medium2025-03-11
CVE-2025-28912 WordPress Custom Dashboard Page plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability — Custom Dashboard Page 4.3 Medium2025-03-11
CVE-2025-28910 WordPress WP Hide Admin Bar plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerability — WP Hide Admin Bar 4.3 Medium2025-03-11
CVE-2025-28909 WordPress WP No-Bot Question plugin <= 0.1.7 - Cross Site Request Forgery (CSRF) vulnerability — WP No-Bot Question 4.3 Medium2025-03-11
CVE-2025-28902 WordPress Contact Form 7 Select Box Editor Button plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability — Contact Form 7 Select Box Editor Button 4.3 Medium2025-03-11
CVE-2025-28901 WordPress Members page only for logged in users plugin <= 1.4.2 - CSRF to Stored XSS vulnerability — Members page only for logged in users 7.1 High2025-03-11
CVE-2025-28900 WordPress TabGarb Pro plugin <= 2.6 - CSRF to Stored XSS vulnerability — TabGarb Pro 7.1 High2025-03-11
CVE-2025-28897 WordPress Domain Theme plugin <= 1.3 - CSRF to Stored XSS vulnerability — Domain Theme 7.1 High2025-03-11
CVE-2025-28894 WordPress List of Posts from each Category plugin for WordPress plugin <= 2.0 - CSRF to Stored XSS vulnerability — List of Posts from each Category plugin for WordPress 7.1 High2025-03-11
CVE-2025-28892 WordPress FTP Sync plugin <= 1.1.6 - CSRF to Stored XSS vulnerability — FTP Sync 7.1 High2025-03-11
CVE-2025-28891 WordPress price-calc plugin <= 0.6.3 - CSRF to Stored XSS vulnerability — price-calc 7.1 High2025-03-11
CVE-2025-28887 WordPress Plugins Last Updated Column plugin <= 0.1.3 - Cross Site Request Forgery (CSRF) vulnerability — Plugins Last Updated Column 4.3 Medium2025-03-11
CVE-2025-28886 WordPress REST API TO MiniProgram plugin <= 5.1.2 - Cross Site Request Forgery (CSRF) vulnerability — REST API TO MiniProgram 4.3 Medium2025-03-11
CVE-2025-28884 WordPress WP Bulk Post Duplicator plugin <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability — WP Bulk Post Duplicator 4.3 Medium2025-03-11
CVE-2025-28883 WordPress WP Compare Tables plugin <= 1.0.5 - CSRF to Stored XSS vulnerability — WP Compare Tables 7.1 High2025-03-11
CVE-2025-28881 WordPress Mobile Themes plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerability — Mobile Themes 4.3 Medium2025-03-11
CVE-2025-28876 WordPress Skrill Official plugin <= 1.0.66 - Cross Site Request Forgery (CSRF) vulnerability — Skrill Official 4.3 Medium2025-03-11
CVE-2025-28867 WordPress Frontpage category filter plugin <= 1.0.2 - Cross Site Request Forgery (CSRF) vulnerability — Frontpage category filter 4.3 Medium2025-03-11
CVE-2025-28866 WordPress Login Logger plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) vulnerability — Login Logger 4.3 Medium2025-03-11
CVE-2025-28864 WordPress Builder for Contact Form 7 by Webconstruct plugin <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability — Builder for Contact Form 7 by Webconstruct 4.3 Medium2025-03-11
CVE-2025-28863 WordPress Delete Original Image plugin <= 0.4 - Cross Site Request Forgery (CSRF) vulnerability — Delete Original Image 4.3 Medium2025-03-11
CVE-2025-28862 WordPress Comment Date and Gravatar remover plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability — Comment Date and Gravatar remover 4.3 Medium2025-03-11
CVE-2025-28861 WordPress WP jQuery Persian Datepicker plugin <= 0.1.0 - CSRF to Stored XSS vulnerability — WP jQuery Persian Datepicker 7.1 High2025-03-11
CVE-2025-28860 WordPress Google News Editors Picks Feed Generator plugin <= 2.1 - CSRF to Stored XSS vulnerability — Google News Editors Picks Feed Generator 7.1 High2025-03-11
CVE-2025-28859 WordPress Maintenance Notice plugin <= 1.0.6 - Cross Site Request Forgery (CSRF) vulnerability — Maintenance Notice 4.3 Medium2025-03-11
CVE-2025-28857 WordPress Rankchecker.io Integration plugin <= 1.0.9 - CSRF to Stored Cross Site Scripting (XSS) vulnerability — Rankchecker.io Integration 7.1 High2025-03-11
CVE-2025-28856 WordPress W3Counter Free Real-Time Web Stats plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerability — W3Counter Free Real-Time Web Stats 4.3 Medium2025-03-11
CVE-2023-48790 Fortinet FortiNDR 跨站请求伪造漏洞 — FortiNDR 7.1 High2025-03-11
CVE-2024-13436 Appsero Helper <= 1.3.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Appsero Helper 6.1 Medium2025-03-11

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4754 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.