Pluck@4.7.18 Security Vulnerabilities and Issues — Pluck@4.7.18 CVE List

Lucene search

Pluck-cmsPluck4.7.18

3 matches found

CVE•added 2023/12/14 3:15 p.m.•59 views

CVE-2023-50564

An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file.

8.8CVSS8.8AI score0.1912EPSS

CVE•added 2024/08/16 8:15 p.m.•48 views

CVE-2024-43042

Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack.

9.8CVSS6.9AI score0.00222EPSS

CVE•added 2023/09/16 11:15 p.m.•37 views

CVE-2023-5013

A vulnerability has been found in Pluck CMS 4.7.18 and classified as problematic. This vulnerability affects unknown code of the file install.php of the component Installation Handler. The manipulation of the argument contents with the input leads to cross site scripting. The attack can be initiat...

5.4CVSS4.3AI score0.0007EPSS