cleantalk
Vulnerabilities and Security Researches

Connector to CiviCRM with CiviMcRestFace, CVE-2025-31618

CVE, Research URL

CVE-2025-31618

Home page URL

Security reports for Connector to CiviCRM with CiviMcRestFace

Application

Connector to CiviCRM with CiviMcRestFace

Published on
Mar 31, 2025
Research Description
Missing Authorization vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through 1.0.9.
Affected versions
Min -, max 1.0.9.
Status
vulnerable
Previous vulnerability researches
pixelstats (CVE-2025-2164) , Mar 16, 2025
New vulnerability
History Log by click5 (CVE-2025-31531) , Apr 03, 2025
Planyo online reservation system (CVE-2025-31811) , Apr 03, 2025
JSON Structuring Markup (CVE-2025-31908) , Apr 03, 2025
Subscription Form for Feedblitz (CVE-2025-31745) , Apr 03, 2025
Greek Multi Tool – Fix peralinks, accents, auto create menus and more (CVE-2025-30797) , Apr 03, 2025