Pluxml Security Vulnerabilities and Issues — Pluxml CVE List

Lucene search

PluxmlPluxml

6 matches found

CVE•added 2022/03/01 2:15 a.m.•94 views

CVE-2022-25020

A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post.

5.4CVSS5.2AI score0.0094EPSS

CVE•added 2022/02/15 4:15 p.m.•78 views

CVE-2022-24585

A stored cross-site scripting (XSS) vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter.

5.4CVSS5.2AI score0.00206EPSS

Web

CVE•added 2022/02/15 4:15 p.m.•78 views

CVE-2022-24587

A stored cross-site scripting (XSS) vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML.

5.4CVSS5.3AI score0.00206EPSS

CVE•added 2022/02/15 2:15 p.m.•67 views

CVE-2022-24586

A stored cross-site scripting (XSS) vulnerability in the component /core/admin/categories.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content and thumbnail parameters.

5.4CVSS5.2AI score0.00206EPSS

Web

CVE•added 2012/08/26 6:55 p.m.•40 views

CVE-2012-4674

PluXml before 5.1.6 allows remote attackers to obtain the installation path via the PHPSESSID.

5CVSS6.8AI score0.0025EPSS

CVE•added 2017/11/01 5:29 p.m.•36 views

CVE-2017-1001001

PluXml version 5.6 is vulnerable to stored cross-site scripting vulnerability, within the article creation page, which can result in escalation of privileges.

5.4CVSS5.4AI score0.00206EPSS