CVE-2025-60535 | Wallos 4.1.1 GET Request currency cross-site request forgery

October 14, 2025 Yanac

A vulnerability, which was classified as problematic, was found in Wallos 4.1.1. This affects an unknown function of the file /endpoints/currency/currency of the component GET Request Handler. The manipulation results in cross-site request forgery.

This vulnerability is reported as CVE-2025-60535. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More

CVE-2025-11176 | Quick Featured Images Plugin up to 13.7.2 on WordPress qfi_set_thumbnail resource injection
CVE-2025-54603 | Claroty Secure Access up to 4.0.2 improper authentication