ByteOS Network

Civi Framework

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

1Vulnerabilities found

CVE-2025-49511

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.1||HIGH

EPSS-0.08% / 23.02%

7 Day CHG~0.00%

Published-10 Jun, 2025 | 12:35

Updated-28 Apr, 2026 | 16:13

WordPress Civi Framework plugin <= 2.1.6 - Cross Site Request Forgery (CSRF) to User Deactivation vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in uxper Civi Framework civi-framework allows Cross Site Request Forgery.This issue affects Civi Framework: from n/a through <= 2.1.6.

Vendor-uxper

Product-Civi Framework

CWE ID-CWE-352

Cross-Site Request Forgery (CSRF)