CVE-2025-29722 Information

Description

A CSRF vulnerability in Commercify v1.0 allows remote attackers to perform unauthorized actions on behalf of authenticated users. The issue exists due to missing CSRF protection on sensitive endpoints.

Reference

https://github.com/cypherdavy/CVE-2025-29722 https://github.com/yassmittal/Commercify