Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pluck-cms pluck 4.7.2 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2014-8707
Cross-site scripting (XSS) vulnerability in TinyMCE in Pluck CMS 4.7.2 allows remote authenticated users to inject arbitrary web script or HTML via the "edit HTML source" option.
Pluck-cms Pluck 4.7.2
9.8
CVSSv3
CVE-2014-8708
Pluck CMS 4.7.2 allows remote malicious users to execute arbitrary code via the blog form feature.
Pluck-cms Pluck 4.7.2
5.3
CVSSv3
CVE-2014-8706
Pluck CMS 4.7.2 allows remote malicious users to obtain sensitive information by (1) changing "PHPSESSID" to an array; (2) adding non-alphanumeric chars to "PHPSESSID"; (3) changing the image parameter to an array; or (4) changing the image parameter to a stri...
Pluck-cms Pluck 4.7.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started