UCRM Client Signup Plugin

CVEs (1)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2025-24289	Ubiquiti Inc UCRM Client Signup Plugin	Hig	0.49	7.5	0.00		Jun 29, 2025	A Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in the UCRM Client Signup Plugin (v1.3.4 and earlier) could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default.

CVE-2025-24289HigJun 29, 2025
Ubiquiti Inc
UCRM Client Signup Plugin
risk 0.49cvss 7.5epss 0.00
A Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in the UCRM Client Signup Plugin (v1.3.4 and earlier) could allow privilege escalation if an Administrator is tricked into visiting a crafted malicious page. The plugin is disabled by default.