Vulnerabilities > GET Simple > Getsimple CMS > 3.3.16

DATE CVE VULNERABILITY TITLE RISK
2022-10-18 CVE-2022-41544 Unspecified vulnerability in Get-Simple Getsimple CMS 3.3.16
GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php.
network
low complexity
get-simple
critical
 9.8
9.8
2020-10-01 CVE-2020-24861 Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.16
GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed when you create and open a new page
network
low complexity
get-simple CWE-79
5.4
5.4
2020-09-01 CVE-2020-23839 Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.16
A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the login form.
network
low complexity
get-simple CWE-79
6.1
6.1