Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pluck-cms pluck 4.7.9 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-18195
Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote malicious users to execute arbitrary code and delete a specific article via the component " /admin.php?action=page."
Pluck-cms Pluck 4.7.9
8.8
CVSSv3
CVE-2020-18198
Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote malicious users to execute arbitrary code and delete specific images via the component " /admin.php?action=images."
Pluck-cms Pluck 4.7.9
6.5
CVSSv3
CVE-2019-9048
An issue exists in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete a theme (aka topic) via a /admin.php?action=theme_delete&var1= URI.
Pluck-cms Pluck 4.7.9
6.5
CVSSv3
CVE-2019-9052
An issue exists in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete pictures via a /admin.php?action=deleteimage&var1= URI.
Pluck-cms Pluck 4.7.9
6.5
CVSSv3
CVE-2019-9049
An issue exists in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete modules via a /admin.php?action=module_delete&var1= URI.
Pluck-cms Pluck 4.7.9
6.5
CVSSv3
CVE-2019-9051
An issue exists in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete articles via a /admin.php?action=deletepage&var1= URI.
Pluck-cms Pluck 4.7.9
7.2
CVSSv3
CVE-2019-9050
An issue exists in Pluck 4.7.9-dev1. It allows administrators to execute arbitrary code by using action=installmodule to upload a ZIP archive, which is then extracted and executed.
Pluck-cms Pluck 4.7.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started