CVE-2025-10759 | Webkul QloApps up to 1.7.0 CSRF Token token authorization
A vulnerability was found in Webkul QloApps up to 1.7.0. It has been classified as problematic. This affects an unknown function of the component CSRF Token Handler. Performing manipulation of the argument token results in authorization bypass.
This vulnerability was named CVE-2025-10759. The attack may be initiated remotely. In addition, an exploit is available.
The vendor explains: “As We are already aware about this vulnerability and our Internal team are already working on this issue. (…) We’ll implement the fix for this vulnerability in our next major release.”