Pluck@4.7.10 Security Vulnerabilities and Issues — Pluck@4.7.10 CVE List

Lucene search

Pluck-cmsPluck4.7.10

2 matches found

CVE-2020-20951

In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when uploading files.

CVE-2020-24740

An issue was discovered in Pluck 4.7.10-dev2. There is a CSRF vulnerability that can editpage via a /admin.php?action=editpage