Known Vulnerabilities for products from Ckeditor
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Ckeditor".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-35164 json | Not Provided | 2026-04-06 | 2026-04-07 | |
| CVE-2026-35047 json | Not Provided | 2026-04-06 | 2026-04-07 | |
| CVE-2023-31541 json | A unrestricted file upload vulnerability was discovered in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 ... | 9.8 - CRITICAL | 2023-06-13 | 2023-06-22 |
| CVE-2023-28439 json | CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovere... | 6.1 - MEDIUM | 2023-03-22 | 2024-01-18 |
| CVE-2022-48110 json | ** DISPUTED ** CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full F... | 6.1 - MEDIUM | 2023-02-13 | 2023-11-07 |
| CVE-2022-31175 json | CKEditor 5 is a JavaScript rich text editor. A cross-site scripting vulnerability has been discovered affecting three optiona... | 4.7 - MEDIUM | 2022-08-03 | 2022-08-09 |
| CVE-2022-24729 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-03-16 | 2023-11-07 |
| CVE-2022-24728 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2022-03-16 | 2023-11-07 |
| CVE-2021-41165 json | CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML pro... | 5.4 - MEDIUM | 2021-11-17 | 2022-10-05 |
| CVE-2021-41164 json | CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Con... | 5.4 - MEDIUM | 2021-11-17 | 2023-11-07 |
| CVE-2021-37695 json | ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CK... | 5.4 - MEDIUM | 2021-08-13 | 2023-11-07 |
| CVE-2021-33829 json | A cross-site scripting (XSS) vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allow... | 6.1 - MEDIUM | 2021-06-09 | 2023-11-07 |
| CVE-2021-32809 json | ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CK... | 5.4 - MEDIUM | 2021-08-12 | 2023-11-07 |
| CVE-2021-32808 json | ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboar... | 5.4 - MEDIUM | 2021-08-12 | 2023-11-07 |
| CVE-2021-26272 json | It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like... | 6.5 - MEDIUM | 2021-01-26 | 2022-03-01 |
| CVE-2021-26271 json | It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text int... | 6.5 - MEDIUM | 2021-01-26 | 2021-12-01 |
| CVE-2021-21391 json | CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the following npm packages: ckeditor5-engine, ckeditor5-font... | 6.5 - MEDIUM | 2021-04-29 | 2023-11-07 |
| CVE-2021-21254 json | CKEditor 5 is an open source rich text editor framework with a modular architecture. The CKEditor 5 Markdown plugin (@ckedito... | 6.5 - MEDIUM | 2021-01-29 | 2023-11-07 |
| CVE-2020-27193 json | A cross-site scripting (XSS) vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote attackers to run arbi... | 6.1 - MEDIUM | 2020-11-12 | 2021-12-02 |
| CVE-2020-9440 json | A cross-site scripting (XSS) vulnerability in the WSC plugin through 5.5.7.5 for CKEditor 4 allows remote attackers to run ar... | 6.1 - MEDIUM | 2020-03-10 | 2023-11-07 |
Known software with vulnerabilities from Ckeditor
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Ckeditor | Ckeditor | 4.0 |
| Application | Ckeditor | Ckeditor 5 | 10.0.1 |
| Application | Ckeditor | Ckeditor 5-link | 0.1.0 |
| Application | Ckeditor | Enhanced Image | 4.0.0 |
| Application | Ckeditor | Fckeditor | 2.6.10 |