Known Vulnerabilities for products from Pluxml
Listed below are 17 of the newest known vulnerabilities associated with the vendor "Pluxml".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-70129 json | If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated wit... | Not Provided | 2026-03-10 | 2026-04-07 |
| CVE-2025-70128 json | A Stored Cross-Site Scripting (XSS) vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 an... | Not Provided | 2026-03-10 | 2026-04-07 |
| CVE-2024-22636 json | 8.8 - HIGH | 2024-01-25 | 2024-01-29 | |
| CVE-2022-25020 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2022-03-01 | 2022-03-09 |
| CVE-2022-25018 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2022-03-01 | 2022-03-09 |
| CVE-2022-24587 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2022-02-15 | 2022-02-22 |
| CVE-2022-24586 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2022-02-15 | 2022-02-23 |
| CVE-2022-24585 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2022-02-15 | 2022-02-22 |
| CVE-2021-38603 json | PluXML 5.8.7 allows core/admin/profil.php stored XSS via the Information field. | 4.8 - MEDIUM | 2021-08-12 | 2021-08-16 |
| CVE-2021-38602 json | PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content. | 4.8 - MEDIUM | 2021-08-12 | 2021-08-16 |
| CVE-2020-18185 json | class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux ... | 9.8 - CRITICAL | 2020-10-02 | 2020-10-08 |
| CVE-2017-1001001 json | PluXml version 5.6 is vulnerable to stored cross-site scripting vulnerability, within the article creation page, which can re... | 5.4 - MEDIUM | 2017-11-01 | 2023-11-07 |
| CVE-2012-4675 json | Cross-site scripting (XSS) vulnerability in PluXml 5.1.6 allows remote attackers to inject arbitrary web script or HTML via u... | 4.3 - MEDIUM | 2012-08-26 | 2017-08-29 |
| CVE-2012-4674 json | PluXml before 5.1.6 allows remote attackers to obtain the installation path via the PHPSESSID. | 5 - MEDIUM | 2012-08-26 | 2012-08-27 |
| CVE-2012-2227 json | Directory traversal vulnerability in update/index.php in PluXml before 5.1.6 allows remote attackers to include and execute a... | 7.5 - HIGH | 2012-08-26 | 2017-08-29 |
| CVE-2007-3542 json | Cross-site scripting (XSS) vulnerability in admin/auth.php in Pluxml 0.3.1 allows remote attackers to inject arbitrary web sc... | 4.3 - MEDIUM | 2007-07-03 | 2017-09-29 |
| CVE-2007-3432 json | Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbi... | 7.5 - HIGH | 2007-06-27 | 2018-10-16 |
Known software with vulnerabilities from Pluxml
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Pluxml | Pluxml | 0.3.1 |