Known Vulnerabilities for PluXml CMS by PluXml
Listed below are 5 of the newest known vulnerabilities associated with "PluXml CMS" by "PluXml".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-24352 json | PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same af... | Not Provided | 2026-02-27 | 2026-02-27 |
| CVE-2026-24351 json | PluXml CMS is vulnerable to Stored XSS in Static Pages editing functionality. Attacker with editing privileges can inject arb... | Not Provided | 2026-02-27 | 2026-02-27 |
| CVE-2026-24350 json | PluXml CMS is vulnerable to Stored XSS in file uploading functionality. An authenticated attacker can upload an SVG file cont... | Not Provided | 2026-02-27 | 2026-02-27 |
| CVE-2025-70129 json | If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated wit... | Not Provided | 2026-03-10 | 2026-03-11 |
| CVE-2025-70128 json | A Stored Cross-Site Scripting (XSS) vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 an... | Not Provided | 2026-03-10 | 2026-03-12 |