Pluxml@5.8.7 Security Vulnerabilities and Issues — Pluxml@5.8.7 CVE List

Lucene search

PluxmlPluxml5.8.7

7 matches found

CVE•added 2022/03/01 2:15 a.m.•124 views

CVE-2022-25018

Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages.

8.8CVSS9.1AI score0.06245EPSS

CVE•added 2022/03/01 2:15 a.m.•94 views

CVE-2022-25020

A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post.

5.4CVSS5.2AI score0.0094EPSS

CVE•added 2022/02/15 4:15 p.m.•78 views

CVE-2022-24585

A stored cross-site scripting (XSS) vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter.

5.4CVSS5.2AI score0.00206EPSS

CVE•added 2022/02/15 4:15 p.m.•78 views

CVE-2022-24587

A stored cross-site scripting (XSS) vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML.

5.4CVSS5.3AI score0.00206EPSS

CVE•added 2022/02/15 2:15 p.m.•67 views

CVE-2022-24586

A stored cross-site scripting (XSS) vulnerability in the component /core/admin/categories.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content and thumbnail parameters.

5.4CVSS5.2AI score0.00206EPSS

CVE•added 2021/08/12 11:15 p.m.•64 views

CVE-2021-38603

PluXML 5.8.7 allows core/admin/profil.php stored XSS via the Information field.

4.8CVSS4.7AI score0.01262EPSS

CVE•added 2021/08/12 11:15 p.m.•63 views

CVE-2021-38602

PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content.

4.8CVSS4.7AI score0.0086EPSS