ApusTheme Findgo Cross-Site Request Forgery Vulnerability Allowing Authentication Bypass

Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the ApusTheme Findgo WordPress theme, in versions through 1.3.55. The vulnerability allows authentication bypass: an attacker can trick a higher-privileged user into performing unintended actions under that user's current authentication.

Impact

Exploitation of this vulnerability could lead to authentication bypass, allowing attackers to manipulate actions on behalf of users with higher privileges.

Added: Sep 22, 2025, 8:54 PM
Updated: Sep 22, 2025, 11:04 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 6.4
remediation: 0.0
relevance: 0.6
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.