CVE-2025-13179
MEDIUMBdtask Wholesale < 2025-10-16 - Missing Authorization
Title source: ruleDescription
A vulnerability has been found in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System up to 20250320. This issue affects some unknown processing. Such manipulation leads to cross-site request forgery. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
References (4)
Scores
CVSS v3
4.3
EPSS
0.0005
EPSS Percentile
16.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Classification
CWE
CWE-862
CWE-352
Status
published
Affected Products (1)
bdtask/wholesale
< 2025-10-16
Timeline
Published
Nov 14, 2025
Tracked Since
Feb 18, 2026