cypherdavy/CVE-2025-29722

Releases0

Cross Site Request Forgery (CSRF) in Commercify v1.0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-29722 ↗	Apr 17, 2025Thursday, 17 April 2025, 18:15	6.3 MEDIUM	—
A CSRF vulnerability in Commercify v1.0 allows remote attackers to perform unauthorized actions on behalf of authenticated users. The issue exists due to missing CSRF protection on sensitive endpoints.