13 matches found
CVE-2026-32276
Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an authenticated user may be able to execute arbitrary code in the Code Study Plugin. Versions 1.41.1 and 2.41.1 contain a patch...
CVE-2026-32276
Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an authenticated user may be able to execute arbitrary code in the Code Study Plugin. Versions 1.41.1 and 2.41.1 contain a patch...
CVE-2026-32276
CVE-2026-32276 affects Connect-CMS and its Code Study Plugin . Affected versions: 1.x ≤ 1.41.0 and 2.x ≤ 2.41.0. An authenticated user could trigger arbitrary code execution on the server through the Code Study Plugin. The vulnerability is addressed in patched releases: 1.41.1 (1.x) and 2.41.1 (2...
CVE-2026-32276
Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an authenticated user may be able to execute arbitrary code in the Code Study Plugin. Versions 1.41.1 and 2.41.1 contain a patch...
CVE-2026-32276 Connect-CMS has Arbitrary Code Execution by an Authenticated User in its Code Study Plugin
Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an authenticated user may be able to execute arbitrary code in the Code Study Plugin. Versions 1.41.1 and 2.41.1 contain a patch...
CVE-2026-32276 Connect-CMS has Arbitrary Code Execution by an Authenticated User in its Code Study Plugin
Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an authenticated user may be able to execute arbitrary code in the Code Study Plugin. Versions 1.41.1 and 2.41.1 contain a patch...
CVE-2026-32276 Connect-CMS has Arbitrary Code Execution by an Authenticated User in its Code Study Plugin
Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an authenticated user may be able to execute arbitrary code in the Code Study Plugin. Versions 1.41.1 and 2.41.1 contain a patch...
EUVD-2026-14566
Connect-CMS has Arbitrary Code Execution by an Authenticated User in its Code Study Plugin...
GHSA-HXQW-6QV7-CQFV Connect-CMS has Arbitrary Code Execution by an Authenticated User in its Code Study Plugin
Security Advisory — Code Study Plugin Summary An authenticated user may be able to execute arbitrary code in the Code Study Plugin. Affected Versions - 1.x series: = 1.41.0 - 2.x series: = 2.41.0 Patched Versions - 1.41.1 - 2.41.1 Description In the Code Study Plugin, an authenticated user could...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the Code Study Plugin. An attacker can execute arbitrary code on the server or access sensitive information by submitting crafted input as an authenticated user. Remediation Upgrade...
Connect-CMS has Arbitrary Code Execution by an Authenticated User in its Code Study Plugin
Security Advisory — Code Study Plugin Summary An authenticated user may be able to execute arbitrary code in the Code Study Plugin. Affected Versions - 1.x series: = 1.41.0 - 2.x series: = 2.41.0 Patched Versions - 1.41.1 - 2.41.1 Description In the Code Study Plugin, an authenticated user could...
PT-2026-27219
Security Advisory — Code Study Plugin Summary An authenticated user may be able to execute arbitrary code in the Code Study Plugin. Affected Versions - 1.x series: = 1.41.0 - 2.x series: = 2.41.0 Patched Versions - 1.41.1 - 2.41.1 Description In the Code Study Plugin, an authenticated user could...
OpenSource-WorkShop Connect-CMS 代码注入漏洞
OpenSource-WorkShop Connect-CMS is a content management system used by the OpenSource-WorkShop company, designed for easy website creation. Versions of OpenSource-WorkShop Connect-CMS prior to 1.41.0 and 2.41.0 contain a code injection vulnerability. This vulnerability stems from issues with the...