QSearchQSearch

CVE-2025-58468

A cross-site request forgery (CSRF) vulnerability has been reported to affect Notification Center

Published: 2026-06-10 · Last updated: 2026-06-10

Severity and scoring

CWE
CWE-352

Description

A cross-site request forgery (CSRF) vulnerability has been reported to affect Notification Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: Notification Center 1.10.0.3291 and later

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-39170 SemCms 5.0 is vulnerable to Cross Site Request Forgery (CSRF) via crafted POST request to /admin/semcms_user.php (6.3 MEDIUM)
  • CVE-2026-8940 The WP Meta Sort Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.9 (4.3 MEDIUM)
  • CVE-2026-8910 The WP Emoticon Rating plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1 (6.1 MEDIUM)
  • CVE-2026-8909 The WpMobi plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.3 (4.3 MEDIUM)
  • CVE-2026-8907 The WP-Ultimate-Map plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1 (6.1 MEDIUM)