Vulnerabilities > GET Simple > Getsimple CMS > 3.3.16
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-18 | CVE-2022-41544 | Unspecified vulnerability in Get-Simple Getsimple CMS 3.3.16 GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php. | 9.8 |
2020-10-01 | CVE-2020-24861 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.16 GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed when you create and open a new page | 5.4 |
2020-09-01 | CVE-2020-23839 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.16 A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the login form. | 6.1 |