Vulnerabilities > Pluck CMS > Pluck > 4.7.18

DATE CVE VULNERABILITY TITLE RISK
2023-12-14 CVE-2023-50564 Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluck 4.7.18
An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file.
network
low complexity
pluck-cms CWE-434
8.8
8.8
2023-09-16 CVE-2023-5013 Cross-site Scripting vulnerability in Pluck-Cms Pluck 4.7.18
A vulnerability has been found in Pluck CMS 4.7.18 and classified as problematic.
network
low complexity
pluck-cms CWE-79
5.4
5.4