CVE-2025-15373 | EyouCMS up to 1.7.7 application/function.php saveRemote server-side request forgery

Inserito da Angelo Barbosa | Dic 30, 2025 | CVE

A vulnerability classified as critical was found in EyouCMS up to 1.7.7. Impacted is the function saveRemote of the file application/function.php. Such manipulation leads to server-side request forgery.

This vulnerability is referenced as CVE-2025-15373. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor is “[a]cknowledging the existence of the vulnerability, we have completed the fix and will release a new version, v1.7.8”.

CVE-2025-15373 | EyouCMS up to 1.7.7 application/function.php saveRemote server-side request forgery

Post correlati

CVE-2024-34813 | MoreConvert MC Woocommerce Wishlist Plugin up to 1.7.8 on WordPress authorization

CVE-2025-7399 | Betheme Plugin up to 28.1.3 on WordPress Setting cross site scripting

CVE-2024-31387 | Popup Like Box Plugin up to 3.7.2 on WordPress cross site scripting

CVE-2024-7574 | Christmasify Plugin up to 1.5.5 on WordPress cross-site request forgery