Vulnerabilities > Processwire

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-24	CVE-2023-24676	Unspecified vulnerability in Processwire 3.0.210 An issue found in ProcessWire 3.0.210 allows attackers to execute arbitrary code and install a reverse shell via the download_zip_url parameter when installing a new module. network low complexity processwire	7.2
2022-10-31	CVE-2022-40487	Cross-site Scripting vulnerability in Processwire 3.0.200 ProcessWire v3.0.200 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the Search Users and Search Pages function. network low complexity processwire CWE-79	6.1
2022-10-31	CVE-2022-40488	Cross-Site Request Forgery (CSRF) vulnerability in Processwire 3.0.200 ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF). network low complexity processwire CWE-352	6.5
2022-02-24	CVE-2020-27467	Path Traversal vulnerability in Processwire A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php. network low complexity processwire CWE-22	7.5

Vulnerabilities > Processwire {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Processwire"}]}