Vulnerabilities > Pluck CMS > Pluck > 4.7.18
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-16 | CVE-2024-43042 | Improper Restriction of Excessive Authentication Attempts vulnerability in Pluck-Cms Pluck 4.7.18 Pluck CMS 4.7.18 does not restrict failed login attempts, allowing attackers to execute a brute force attack. | 9.8 |
| 2023-12-14 | CVE-2023-50564 | Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluck 4.7.18 An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file. | 8.8 |
| 2023-09-16 | CVE-2023-5013 | Cross-site Scripting vulnerability in Pluck-Cms Pluck 4.7.18 A vulnerability has been found in Pluck CMS 4.7.18 and classified as problematic. | 5.4 |