
CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4796

4796 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

CWE-352, Cross-Site Request Forgery, is a web application weakness where the system fails to verify that an incoming request was intentionally initiated by the authenticated user rather than an unauthorized actor. Attackers typically exploit this vulnerability by tricking a victim into submitting a malicious request, often via a hidden link or form on a third-party site, while the victim is logged into the target application. Because the browser automatically includes valid session cookies, the server processes the forged request as legitimate, potentially allowing unauthorized actions like fund transfers or profile changes. Developers mitigate this risk by implementing anti-CSRF tokens, synchronizer tokens, or validating the Origin and Referer headers to ensure requests originate from trusted sources, thereby preventing unauthorized state changes.

MITRE CWE Description
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Common Consequences (1)
Scope: Confidentiality, Integrity, Availability, Non-Repudiation, Access Control
Impact: Gain Privileges or Assume Identity, Bypass Protection Mechanism, Read Application Data, Modify Application Data, DoS: Crash, Exit, or Restart
The consequences will vary depending on the nature of the functionality that is vulnerable to CSRF. An attacker could trick a client into making an unintentional request to the web server via a URL, image load, XMLHttpRequest, etc., which would then be treated as an authentic request from the client…
Mitigations (5)
Architecture and Design: Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid [REF-1482]. For example, use anti-CSRF packages such as the OWASP CSRFGuard. [REF-330] Another example is the ESAPI Session Management control, which includes a component for CSRF. [REF-45]
Implementation: Ensure that the application is free of cross-site scripting issues (CWE-79), because most CSRF defenses can be bypassed using attacker-controlled script.
Architecture and Design: Generate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330). [REF-332]
Architecture and Design: Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.
Architecture and Design: Use the "double-submitted cookie" method as described by Felten and Zeller: When a user visits a site, the site should generate a pseudorandom value and set it as a cookie on the user's machine. The site should require every form submission to include this value as a form value and also as a cookie value. When a POST request is sent to the site, the request should only be considered valid if the f…
Examples (1)
This example PHP code attempts to secure the form submission process by validating that the user submitting the form has a valid session. A CSRF attack would not be prevented by this countermeasure because the attacker forges a request through the user's web browser in which a valid session already exists.
<form action="/url/profile.php" method="post">
  <input type="text" name="firstname"/>
  <input type="text" name="lastname"/>
  <br/>
  <input type="text" name="email"/>
  <input type="submit" name="submit" value="Update"/>
</form>
Bad · HTML

<?php
// initiate the session in order to validate sessions
session_start();

// if the session is registered to a valid user then allow update
if (! session_is_registered("username")) {
    echo "invalid session detected!";
    // Redirect user to login page
    [...]
    exit;
}

// The user session is valid, so process the request
// and update the information
update_profile();

function update_profile() {
    // read in the data from $_POST and send an update
    // to the database
    SendUpdateToDatabase($_SESSION['username'], $_POST['email']);
    [...]
    echo "Your profile has been successfully updated.";
}
Bad · PHP
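The following is an added example, not part of the CWE entry or the PHP above: a Python sketch of the same profile-update handler, first with only the session check (which a forged cross-site POST passes, as the example explains) and then hardened with the Origin/Referer check and the per-session synchronizer token from the mitigations. The site origin, the request dictionaries and the helper names are constructed for the demo.

```python
import hmac
import secrets
from urllib.parse import urlsplit

SITE_ORIGIN = "https://example.test"  # assumed origin of the application (constructed)

def new_session(username: str) -> dict:
    # Session-bound CSRF token: unpredictable (CWE-330) and tied to this login.
    return {"username": username, "csrf_token": secrets.token_urlsafe(32)}

def same_origin(url: str) -> bool:
    # Compare scheme and host exactly; a prefix check would accept look-alike hosts.
    a, b = urlsplit(url), urlsplit(SITE_ORIGIN)
    return (a.scheme, a.netloc) == (b.scheme, b.netloc)

def update_profile_unsafe(session: dict, request: dict) -> str:
    # Mirrors the CWE-352 PHP example: only checks that a session exists, which a
    # forged cross-site POST satisfies because the browser sends the session cookie.
    if not session.get("username"):
        return "invalid session detected!"
    return f"updated {session['username']} email={request['form']['email']}"

def update_profile_safe(session: dict, request: dict) -> str:
    if not session.get("username"):
        return "invalid session detected!"
    # Origin/Referer check: browsers attach Origin to cross-site POSTs; fail closed
    # when neither header is present.
    headers = request["headers"]
    origin = headers.get("Origin") or headers.get("Referer") or ""
    if not same_origin(origin):
        return "rejected: cross-origin request"
    # Synchronizer token: a third-party form cannot know the victim's token;
    # constant-time comparison avoids leaking it through timing.
    submitted = request["form"].get("csrf_token", "")
    if not hmac.compare_digest(submitted.encode(), session["csrf_token"].encode()):
        return "rejected: missing or invalid CSRF token"
    return f"updated {session['username']} email={request['form']['email']}"

def demo() -> tuple:
    session = new_session("alice")
    # Constructed forged request: submitted from a third-party page while alice is
    # logged in; her session cookie rides along, but the form carries no token.
    forged = {"headers": {"Origin": "https://evil.test"},
              "form": {"email": "attacker@evil.test"}}
    # Constructed legitimate request: the site rendered the form with the token.
    legit = {"headers": {"Origin": SITE_ORIGIN},
             "form": {"email": "alice@example.test", "csrf_token": session["csrf_token"]}}
    return (update_profile_unsafe(session, forged),
            update_profile_safe(session, forged), update_profile_safe(session, legit))
```

Running demo() shows the session-only handler accepting the forged update while the hardened handler rejects it and still accepts the site's own form.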
CVE ID | Title | Product | CVSS | Severity | Published
--- | --- | --- | --- | --- | ---
CVE-2025-46497 | WordPress Navegg Analytics plugin <= 3.3.3 - Cross Site Request Forgery (CSRF) vulnerability | Navegg Analytics | 7.1 | High | 2025-04-24
CVE-2025-46495 | WordPress Drop Caps plugin <= 2.1 - CSRF to XSS vulnerability | Drop Caps | 6.5 | Medium | 2025-04-24
CVE-2025-46492 | WordPress Call Now PHT Blog plugin <= 2.4.1 - CSRF to XSS vulnerability | Call Now PHT Blog | 7.1 | High | 2025-04-24
CVE-2025-46466 | WordPress Modern Polls plugin <= 1.0.10 - CSRF to Stored XSS vulnerability | Modern Polls | 7.1 | High | 2025-04-24
CVE-2025-46465 | WordPress Print Science Designer plugin <= 1.3.155 - CSRF to Stored XSS vulnerability | Print Science Designer | 7.1 | High | 2025-04-24
CVE-2025-46462 | WordPress WPVN plugin <= 0.7.8 - Cross Site Request Forgery (CSRF) Vulnerability | WPVN | 4.3 | Medium | 2025-04-24
CVE-2025-46452 | WordPress Google News plugin <= 2.5.1 - CSRF to Stored XSS vulnerability | Google News | 7.1 | High | 2025-04-24
CVE-2025-46450 | WordPress occupancyplan plugin <= 1.0.3.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability | occupancyplan | 7.1 | High | 2025-04-24
CVE-2025-46436 | WordPress SCSS-Library plugin <= 0.4.1 - Cross Site Request Forgery (CSRF) Vulnerability | SCSS-Library | 4.3 | Medium | 2025-04-24
CVE-2025-46439 | WordPress Plugin Central plugin <= 2.5.1 - CSRF to Arbitrary File Deletion vulnerability | Plugin Central | 7.4 | High | 2025-04-24
CVE-2025-46435 | WordPress Time Based Greeting plugin <= 2.2.2 - CSRF to Stored XSS vulnerability | Time Based Greeting | 7.1 | High | 2025-04-24
CVE-2025-39381 | WordPress KiotViet Sync plugin <= 1.8.4 - CSRF to Stored XSS vulnerability | KiotViet Sync | 7.1 | High | 2025-04-24
CVE-2025-3907 | Search API Solr - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-046 | Search API Solr | 8.8 | - | 2025-04-23
CVE-2025-31328 | Cross-Site Request Forgery (CSRF) vulnerability in SAP S/4 HANA (Learning Solution) | SAP S/4 HANA (Learning Solution) | 4.6 | Medium | 2025-04-22
CVE-2025-46251 | WordPress VikRestaurants Table Reservations and Take-Away plugin <= 1.3.3 - CSRF to Stored XSS vulnerability | VikRestaurants | 7.1 | High | 2025-04-22
CVE-2025-46249 | WordPress Simple calendar for Elementor plugin <= 1.6.4 - Cross Site Request Forgery (CSRF) Vulnerability | Simple calendar for Elementor | 4.3 | Medium | 2025-04-22
CVE-2025-46245 | WordPress CM Ad Changer plugin <= 2.0.5 - Cross Site Request Forgery (CSRF) Vulnerability | CM Ad Changer | 4.3 | Medium | 2025-04-22
CVE-2025-46246 | WordPress CM Answers plugin <= 3.3.3 - Cross Site Request Forgery (CSRF) Vulnerability | CM Answers | 4.3 | Medium | 2025-04-22
CVE-2025-46243 | WordPress Recover abandoned cart for WooCommerce plugin <= 2.2 - Cross Site Request Forgery (CSRF) Vulnerability | Recover abandoned cart for WooCommerce | 4.3 | Medium | 2025-04-22
CVE-2025-46241 | WordPress Appointment Booking Calendar plugin <= 1.3.92 - CSRF to SQL Injection vulnerability | Appointment Booking Calendar | 8.2 | High | 2025-04-22
CVE-2025-46231 | WordPress affiliate-toolkit plugin <= 3.7.3 - Cross Site Request Forgery (CSRF) Vulnerability | affiliate-toolkit | 5.4 | Medium | 2025-04-22
CVE-2025-3843 | panhainan DS-Java cross-site request forgery | DS-Java | 4.3 | Medium | 2025-04-21
CVE-2025-3808 | zhenfeng13 My-BBS cross-site request forgery | My-BBS | 4.3 | Medium | 2025-04-19
CVE-2025-2111 | WP Headers And Footers <= 3.1.1 - Cross-Site Request Forgery to Arbitrary Options Update | Insert Headers And Footers | 7.5 | High | 2025-04-19
CVE-2025-3284 | User Registration & Membership PRO – Custom Registration Form, Login Form, and User Profile <= 5.1.3 - Cross-Site Request Forgery to User Deletion | User Registration PRO – Custom Registration Form, Login Form, and User Profile WordPress Plugin | 4.3 | Medium | 2025-04-19
CVE-2025-32546 | WordPress All push notification for WP Plugin <= 1.5.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability | All push notification for WP | 7.1 | High | 2025-04-17
CVE-2025-32545 | WordPress WooCommerce Products without featured images Plugin <= 0.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability | WooCommerce Products without featured images | 7.1 | High | 2025-04-17
CVE-2025-32606 | WordPress Listings for Buildium plugin <= 0.1.5 - Cross Site Request Forgery (CSRF) vulnerability | Listings for Buildium | 7.1 | High | 2025-04-17
CVE-2025-32655 | WordPress Restrict User Registration plugin <= 1.0.1 - CSRF to Stored XSS vulnerability | Restrict User Registration | 7.1 | High | 2025-04-17
CVE-2025-39414 | WordPress spam-stopper plugin <= 3.1.3 - CSRF to Stored XSS vulnerability | spam-stopper | 7.1 | High | 2025-04-17

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) represent 4796 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.