Pluck@4.7.15 Security Vulnerabilities and Issues — Pluck@4.7.15 CVE List

Lucene search

Pluck-cmsPluck4.7.15

2 matches found

CVE•added 2022/03/30 12:15 a.m.•101 views

CVE-2022-27432

A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password of any given user by exploiting this feature leading to account takeover.

8.8CVSS8.8AI score0.00129EPSS

CVE•added 2022/04/13 12:15 a.m.•68 views

CVE-2022-26589

A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to delete arbitrary pages.

6.5CVSS6.5AI score0.00153EPSS