Vulnerabilities > Wondercms > Wondercms > 3.3.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-07 | CVE-2023-41425 | Cross-site Scripting vulnerability in Wondercms Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component. | 6.1 |
| 2022-11-17 | CVE-2022-43332 | Cross-site Scripting vulnerability in Wondercms 3.3.4 A cross-site scripting (XSS) vulnerability in Wondercms v3.3.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Site title field of the Configuration Panel. | 6.1 |