CVE-2025-5521 – WuKongOpenSource WukongCRM Cross-Site Request Forgery Vulnerability

June 3, 2025

CVE ID : CVE-2025-5521

Published : June 3, 2025, 7:15 p.m. | 15 minutes ago

Description : A vulnerability was found in WuKongOpenSource WukongCRM 9.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /system/user/updataPassword. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5522 – Jack0240 魏 bskms 蓝天幼儿园管理系统 Unauthenticated Remote Authorization Bypass Vulnerability

Next Article CVE-2025-48998 – DataEase Arbitrary File Deserialization

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

AI is currently in its teenage years, battling raging hormones

4 ways your organization can adapt and thrive in the age of AI

Google’s new Search tool turns financial info into interactive charts – how to try it

This rugged Android phone has something I’ve never seen on competing models

Anthropic’s new AI models for classified info are already in use by US gov

Handling PostgreSQL Migrations in Node.js

Handling PostgreSQL Migrations in Node.js

How to Add Product Badges in Optimizely Configured Commerce Spire

Salesforce Health Check Assessment Unlocks ROI

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Microsoft: Run PS script now if you deleted “inetpub” on Windows 11, Windows 10

Spf Permerror Troubleshooting Guide For Better Email Deliverability Today

Amap – Gather Info in Easy Way

CVE-2025-5521 – WuKongOpenSource WukongCRM Cross-Site Request Forgery Vulnerability

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

CVE-2025-5399 – “Libcurl WebSocket DoS Vulnerability”

Microsoft brings AI model building to macOS with new Foundry tool

Microsoft is forcing Windows 11 24H2 update on all eligible PCs, but is it stable enough?

CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List

CVE-2025-46482 – MyThemeShop WP Quiz Stored Cross-site Scripting Vulnerability

CVE-2025-4440 – H3C GR-1800AX Buffer Overflow Vulnerability

I’ve fallen in love with this stunning 5K monitor and its built-in KVM switch — it’s ideal for my creative projects

The sequel to 2018’s indie darling “Moonlighter” is coming to Xbox Game Pass later this year

How to Extend the Django User Model

CVE-2025-5521 – WuKongOpenSource WukongCRM Cross-Site Request Forgery Vulnerability

Related Posts