CVE-2025-67598

Publication date

2025-12-09 14:14:19

Family

Patchstack

State

PUBLISHED

Description

Cross-Site Request Forgery (CSRF) vulnerability in PSM Plugins SupportCandy supportcandy allows Cross Site Request Forgery.This issue affects SupportCandy: from n/a through <= 3.4.1.