Skip to main content

Wisecp

1 CVEs product

Monthly

CVE-2025-11954 HIGH This Week

Cross-site request forgery in Sitemio Information Technologies' WISECP product through version 20022026 allows attackers to trick authenticated users into performing unintended state-changing actions by visiting a malicious page. Successful exploitation carries high impact across confidentiality, integrity, and availability (CVSS 8.0), though it requires user interaction and the victim to hold valid low-privilege credentials. No public exploit identified at time of analysis, and the vendor did not respond to disclosure outreach by TR-CERT.

CSRF Wisecp
NVD
CVSS 3.1
8.0
EPSS
0.0%
EPSS 0% CVSS 8.0
HIGH This Week

Cross-site request forgery in Sitemio Information Technologies' WISECP product through version 20022026 allows attackers to trick authenticated users into performing unintended state-changing actions by visiting a malicious page. Successful exploitation carries high impact across confidentiality, integrity, and availability (CVSS 8.0), though it requires user interaction and the victim to hold valid low-privilege credentials. No public exploit identified at time of analysis, and the vendor did not respond to disclosure outreach by TR-CERT.

CSRF Wisecp
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy