What is CVE-2018-25363?

CVE-2018-25363 is a medium-severity vulnerability in Fyffe Php-twitter-clone, classified under Cross-Site Request Forgery (CSRF). CVSS score: 4.3/10. Published 2026-05-25.

How severe is CVE-2018-25363?

Medium severity. CVSS v3 base score is 4.3 out of 10.

CSRF in Fyffe Php-twitter-clone

CVE-2018-25363

Twitter-Clone 1 contains a cross-site request forgery vulnerability that allows remote attackers to force victims to delete posts by crafting malicious HTML forms. Attackers can create hidden forms targeting tweetdel.php with tweet IDs and…

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.000 (6.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N.

Affected products

Fyffe Php-twitter-clone — versions 1.0

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References

disclosure@vulncheck.com (exploit)
disclosure@vulncheck.com (product)
disclosure@vulncheck.com (third-party-advisory)

Frequently asked questions

What is CVE-2018-25363?: CVE-2018-25363 is a medium-severity vulnerability in Fyffe Php-twitter-clone, classified under Cross-Site Request Forgery (CSRF). CVSS score: 4.3/10. Published 2026-05-25.
How severe is CVE-2018-25363?: Medium severity. CVSS v3 base score is 4.3 out of 10.