CVE-2025-26963

High CVSS: 8.8

Cross-Site Request Forgery (CSRF) vulnerability in ClickWhale ClickWhale clickwhale allows Cross Site Request Forgery.This issue affects ClickWhale: from n/a through <= 2.4.3.

Vendor

Flowdee

Product

Clickwhale

CWE

CWE-352

Yayın Tarihi

2025-02-25 15:15:29

Güncelleme

2026-04-01 17:19:15

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-352 Clickwhale HIGH Flowdee 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/clickwhale/vulnerability/wordpress-clickwhale-plugin-2-4-3-cross-site-request-forgery-csrf-to-settings-change-vulnerability?_s_id=cve

Benzer Kayıtlar

High

CVE-2025-47612

Missing Authorization vulnerability in ClickWhale ClickWhale clickwhale allows Exploiting Incorrectly Configured Access…

Medium

CVE-2025-0804

The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is…

Medium

CVE-2024-11327

The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is…

Unknown

CVE-2024-51715

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickWhale ClickWh…