cleantalk
Vulnerabilities and Security Researches

REST API TO MiniProgram, CVE-2025-28886

CVE, Research URL

CVE-2025-28886

Home page URL

Security reports for REST API TO MiniProgram

Application

REST API TO MiniProgram

Published on
Mar 12, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in xjb REST API TO MiniProgram allows Cross Site Request Forgery. This issue affects REST API TO MiniProgram: from n/a through 4.7.1.
Affected versions
Min -, max 4.7.1.
Status
vulnerable
Previous vulnerability researches
Multiple Shipping And Billing Address For Woocommerce (CVE-2025-26875) , Mar 12, 2025
Multiple Shipping And Billing Address For Woocommerce (CVE-2024-56290) , Jan 08, 2025
New vulnerability
Featured Image Thumbnail Grid (CVE-2025-28918) , Mar 13, 2025
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2025-2205) , Mar 13, 2025
GDPR Cookie Compliance (CCPA, DSGVO, Cookie Consent) (CVE-2025-1622) , Mar 13, 2025
ProductDyno (CVE-2024-13413) , Mar 13, 2025
NEX-Forms – Ultimate Form Builder – Contact forms and much more (CVE-2024-13498) , Mar 13, 2025