CVE-2025-6001

Name of the Vulnerable Software and Affected Versions VirtueMart (affected versions not specified)

Description A Cross-Site Request Forgery (CSRF) issue exists in the product image upload function of VirtueMart, allowing an attacker to bypass the CSRF protection token. This enables the attacker to craft a special CSRF request for unrestricted file upload into the VirtueMart media manager.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.