CVE-2025-11954 PUBLISHED

CSRF in Sitemio's WISECP

Assigner: TR-CERT
Reserved: 20.10.2025 Published: 20.05.2026 Updated: 20.05.2026

Cross-Site request forgery (CSRF) vulnerability in Sitemio Information Technologies Trade Ltd. Co. WISECP allows Cross Site Request Forgery.

This issue affects WISECP: through 20022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVSS Score: 8

CVSS 3.1

Vendor	Sitemio Information Technologies Trade Ltd. Co.
Product	WISECP
Versions	Default: unknown affected from 0 to 20022026 (incl.)