Known Vulnerabilities for Pligg Cms by Pligg

Listed below are 10 of the newest known vulnerabilities associated with "Pligg Cms" by "Pligg".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2023-37677 json Pligg CMS v2.0.2 (also known as Kliqqi) was discovered to contain a remote code execution (RCE) vulnerability in the componen... 9.8 - CRITICAL 2023-07-25 2023-08-02
CVE-2022-34956 json Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_... 9.8 - CRITICAL 2022-08-02 2022-08-04
CVE-2022-34955 json Pligg CMS v2.0.2 was discovered to contain a time-based SQL injection vulnerability via the page_size parameter at load_data_... 9.8 - CRITICAL 2022-08-02 2022-08-04
CVE-2015-6655 json Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 allows remote attackers to hijack the authentication of ad... 6.8 - MEDIUM 2015-08-31 2016-12-22
CVE-2014-9096 json Multiple SQL injection vulnerabilities in recover.php in Pligg CMS 2.0.1 and earlier allow remote attackers to execute arbitr... 7.5 - HIGH 2014-11-26 2014-11-28
CVE-2012-2937 json Multiple SQL injection vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to execute arbitrary SQL commands via... 7.5 - HIGH 2012-05-27 2017-08-29
CVE-2012-2936 json Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web ... 4.3 - MEDIUM 2012-05-27 2017-08-29
CVE-2012-2436 json Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web ... 4.3 - MEDIUM 2012-05-27 2017-08-29
CVE-2012-2435 json Directory traversal vulnerability in the captcha module in Pligg CMS before 1.2.2 allows remote authenticated users to includ... 6.5 - MEDIUM 2012-05-27 2012-05-29
CVE-2011-5023 json Cross-site scripting (XSS) vulnerability in Pligg CMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML vi... 4.3 - MEDIUM 2011-12-29 2012-02-01
Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationPliggPligg Cms9.9.5
ApplicationPliggPligg Cms9.9.5
ApplicationPliggPligg Cms9.9.0
ApplicationPliggPligg Cms9.9.0
ApplicationPliggPligg Cms9.9
ApplicationPliggPligg Cms9.5
ApplicationPliggPligg Cms2.0.2
ApplicationPliggPligg Cms2.0.1
ApplicationPliggPligg Cms1.2.0
ApplicationPliggPligg Cms1.1.5
ApplicationPliggPligg Cms1.1.4
ApplicationPliggPligg Cms1.1.3
ApplicationPliggPligg Cms1.1.0
ApplicationPliggPligg Cms1.0.4
ApplicationPliggPligg Cms1.0.3
ApplicationPliggPligg Cms1.0.2
ApplicationPliggPligg Cms1.0.1
ApplicationPliggPligg Cms1.0.0
ApplicationPliggPligg Cms1.0.0
ApplicationPliggPligg Cms1.0.0
Results limited to 20 most recent known configurations
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report