Vulnerabilities > Pluck CMS > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-04 | CVE-2018-16633 | Cross-site Scripting vulnerability in Pluck-Cms Pluck 4.7.7 Pluck v4.7.7 allows XSS via the admin.php?action=editpage&page= page title. | 3.5 |
| 2018-09-12 | CVE-2018-16729 | Cross-site Scripting vulnerability in Pluck-Cms Pluck 4.7.7 Pluck 4.7.7 allows XSS via an SVG file that contains Javascript in a SCRIPT element, and is uploaded via pages->manage under admin.php?action=files. | 3.5 |
| 2018-05-21 | CVE-2018-11330 | Cross-site Scripting vulnerability in Pluck-Cms Pluck An issue was discovered in Pluck before 4.7.6. | 3.5 |