cleantalk
Vulnerabilities and Security Researches

Connector to CiviCRM with CiviMcRestFace, CVE-2025-31618

CVE, Research URL

CVE-2025-31618

Home page URL

Security reports for Connector to CiviCRM with CiviMcRestFace

Application

Connector to CiviCRM with CiviMcRestFace

Published on
Mar 31, 2025
Research Description
Missing Authorization vulnerability in Jaap Jansma Connector to CiviCRM with CiviMcRestFace allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Connector to CiviCRM with CiviMcRestFace: from n/a through 1.0.9.
Affected versions
Min -, max 1.0.9.
Status
vulnerable
Previous vulnerability researches
Responsive Filterable Portfolio (CVE-2019-25221) , Dec 14, 2024
Responsive Filterable Portfolio (CVE-2023-2119) , Jun 07, 2024
Responsive Filterable Portfolio (CVE-2024-51785) , Nov 08, 2024
New vulnerability
ContentMX Content Publisher (CVE-2025-31555) , Apr 03, 2025
Float menu – awesome floating side menu (CVE-2025-30912) , Apr 03, 2025
Exit Popup Free (CVE-2025-31591) , Apr 03, 2025
Advanced Post Search (CVE-2025-30548) , Apr 03, 2025
Leaky Paywall (CVE-2025-31083) , Apr 03, 2025