CVE-2025-23476
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2025-23476 is a newly disclosed vulnerability affecting the my-related-posts module of isnowfy. This issue combines Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS) vulnerabilities. An attacker can exploit the CSRF flaw to manipulate user actions, while the Stored XSS vulnerability allows the insertion of malicious scripts into the application. These vulnerabilities impact all versions of my-related-posts from n/a through 1.1, posing a significant security risk to users. It is crucial to apply the necessary patches or updates to mitigate these threats.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.