CVE-2026-1745 MEDIUM

CVE-2026-1745: SourceCodester Medical Certificate Generator App cross-site request forgery

Vendor Sourcecodester

Product Medical Certificate Generator App

Weakness CWE-352 · CSRF

Published February 2, 2026

Last update February 23, 2026

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability was determined in SourceCodester Medical Certificate Generator App 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

Key dates

02Disclosure timeline

February 2, 2026 CVE published

February 23, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-1745 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2026-32328 WordPress Lemmony theme < 1.7.1 - Cross Site Request Forgery (CSRF) vulnerability CVE-2025-32641 WordPress Anant Addons for Elementor plugin <= 1.1.8 - CSRF to Arbitrary Plugin Installation vulnerability CVE-2022-3747 Becustom <= 1.0.5.2 - Cross-Site Request Forgery CVE-2026-0493 Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (Intercompany Balance Reconciliation) CVE-2025-12132 WP Custom Admin Login Page Logo <= 1.4.8.4 - Cross-Site Request Forgery to Settings Update