Known Vulnerabilities for products from Get-simple

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Get-simple".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-57762 json Not Provided 2026-07-02 2026-07-02
CVE-2026-57682 json Not Provided 2026-07-02 2026-07-02
CVE-2026-57676 json Not Provided 2026-06-29 2026-06-29
CVE-2026-56076 json Not Provided 2026-06-18 2026-06-22
CVE-2026-53742 json Not Provided 2026-06-10 2026-06-11
CVE-2026-53741 json Not Provided 2026-06-10 2026-06-11
CVE-2026-53606 json Not Provided 2026-06-12 2026-06-15
CVE-2026-53193 json Not Provided 2026-06-25 2026-06-28
CVE-2026-48970 json Not Provided 2026-06-15 2026-06-15
CVE-2026-48969 json Not Provided 2026-06-15 2026-06-15
CVE-2023-46042 json An issue in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via a crafted payload to the phpinfo(). 9.8 - CRITICAL 2023-10-19 2023-10-25
CVE-2023-46040 json Cross Site Scripting vulnerability in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via the a craf... 5.4 - MEDIUM 2023-10-31 2023-11-08
CVE-2022-41544 json GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in ... 9.8 - CRITICAL 2022-10-18 2023-05-24
CVE-2022-1503 json A vulnerability, which was classified as problematic, has been found in GetSimple CMS. Affected by this issue is the file /ad... 5.4 - MEDIUM 2022-04-27 2022-05-05
CVE-2021-47870 json GetSimple CMS My SMTP Contact Plugin 1.1.2 suffers from a Stored Cross-Site Scripting (XSS) vulnerability. The plugin attempt... Not Provided 2026-01-21 2026-05-12
CVE-2021-36601 json GetSimpleCMS 3.3.16 contains a cross-site Scripting (XSS) vulnerability, where Function TSL does not filter check settings.ph... 6.1 - MEDIUM 2021-08-10 2021-08-19
CVE-2021-28977 json Cross Site Scripting vulnerability in GetSimpleCMS 3.3.16 in admin/upload.php by adding comments or jpg and other file header... 4.8 - MEDIUM 2021-06-23 2021-06-25
CVE-2021-28976 json Remote Code Execution vulnerability in GetSimpleCMS before 3.3.16 in admin/upload.php via phar filess. 7.2 - HIGH 2021-06-23 2021-06-28
CVE-2020-24861 json GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed w... 5.4 - MEDIUM 2020-10-01 2020-10-08
CVE-2020-23839 json A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, a... 6.1 - MEDIUM 2020-09-01 2022-12-03

Known software with vulnerabilities from Get-simple

Type Vendor Product Version
ApplicationGet-simpleGetsimplecms3.3.13
ApplicationGet-simpleGetsimple Cms1.0
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report