Cross-Site Scripting Vulnerability in MikeCen WeChat-Face-Recognition
CVE-2025-10943

5.1MEDIUM

Key Information:

Vendor

Mikecen

Status
Wechat-face-recognition
Vendor
CVE Published:
25 September 2025

What is CVE-2025-10943?

A security flaw has been identified in the MikeCen WeChat-Face-Recognition application, particularly in the wx.php file's valid function. This flaw allows attackers to manipulate the echostr argument, leading to cross-site scripting vulnerabilities. Since the product does not follow versioning, it's challenging to ascertain the full extent of affected releases. Attempts to notify the vendor regarding this issue have gone unanswered, leaving users at risk of remote attacks via this vector.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

WeChat-Face-Recognition 6e3f72bf8547d80b59e330f1137e4aa505f492c1

References

https://vuldb.com/?id.325813
vdb-entrytechnical-description
https://vuldb.com/?ctiid.325813
signaturepermissions-required
https://vuldb.com/?submit.651882
third-party-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

dev03301 (VulDB User)
JSON
.