CSRF Vulnerability in WISECP by Sitemio Information Technologies
CVE-2025-11954

8HIGH

Key Information:

Vendor: Sitemio Information Technologies Trade Ltd. Co.
Status: Wisecp
Vendor: CVE Published:; 20 May 2026

🔔 Create Sitemio Information Technologies Trade Ltd. Co. Vulnerability Alert

What is CVE-2025-11954?

A Cross-Site Request Forgery (CSRF) vulnerability exists in WISECP by Sitemio Information Technologies Trade Ltd. Co. This flaw allows an attacker to perform unauthorized actions on behalf of a user without their consent, potentially compromising user accounts and data integrity. The vulnerability affects WISECP until version 20022026. Despite early disclosure attempts, the vendor has not provided any response or remediation actions.

Affected Version(s)

WISECP 0 <= 20022026

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/...

government-resource

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2026
Vulnerability Reserved
Oct 20, 2025

Credit

Akıner KISA

CVE-2025-11954 Data

JSON