CVE 8.8 HIGH

WordPress Chartify plugin <= 3.6.3 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2025-66529

December 11, 2025 invoker category_cve
8.8 / 10
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify chart-builder allows Cross Site Request Forgery.This issue affects Chartify: from n/a through <= 3.6.3.

AI Analysis

Cross-Site Request Forgery (CSRF) vulnerability in Chartify chart-builder

Basic Information

ID CVE-2025-66529
Source Patchstack
Published Dec 9, 2025 at 14:13
Modified Dec 11, 2025 at 19:16

Affected Product

Vendor Ays Pro
Product Chartify
Version n/a
Affected Versions Ays Pro Chartify n/a

CWE Classification

CWE-352

AI Assessment

AI Score 8.8 / 10
AI Severity High
Vendor Ays Pro
Product Chartify
Version <= 3.6.3

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.