Vulnerabilities > Craftcms

DATE CVE VULNERABILITY TITLE RISK
2024-11-13 CVE-2024-52291 Unspecified vulnerability in Craftcms Craft CMS
Craft is a content management system (CMS).
network
low complexity
craftcms
7.2
2024-11-13 CVE-2024-52292 Unspecified vulnerability in Craftcms Craft CMS
Craft is a content management system (CMS).
network
low complexity
craftcms
6.5
2024-11-13 CVE-2024-52293 Unspecified vulnerability in Craftcms Craft CMS
Craft is a content management system (CMS).
network
low complexity
craftcms
7.2
2024-09-09 CVE-2024-45406 Cross-site Scripting vulnerability in Craftcms Craft CMS
Craft is a content management system (CMS).
network
low complexity
craftcms CWE-79
4.8
2024-07-25 CVE-2024-41800 Improper Authentication vulnerability in Craftcms Craft CMS
Craft is a content management system (CMS).
network
high complexity
craftcms CWE-287
7.5
2024-06-25 CVE-2024-37843 SQL Injection vulnerability in Craftcms Craft CMS
Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API endpoint.
network
low complexity
craftcms CWE-89
critical
9.8
2024-01-30 CVE-2023-36259 Cross-site Scripting vulnerability in Craftcms Craft CMS
Cross Site Scripting (XSS) vulnerability in Craft CMS Audit Plugin before version 3.0.2 allows attackers to execute arbitrary code during user creation.
network
low complexity
craftcms CWE-79
5.4
2024-01-30 CVE-2023-36260 Injection vulnerability in Craftcms Craft CMS
An issue was discovered in the Feed Me plugin 4.6.1 for Craft CMS.
network
low complexity
craftcms CWE-74
7.5
2024-01-03 CVE-2024-21622 Unspecified vulnerability in Craftcms Craft CMS
Craft is a content management system.
network
low complexity
craftcms
8.8
2023-09-13 CVE-2023-41892 Unspecified vulnerability in Craftcms Craft CMS
Craft CMS is a platform for creating digital experiences.
network
low complexity
craftcms
critical
9.8