Codelyfe Stupid Simple Cms — known CVE vulnerabilities
Every CVE whose affected-product data names Codelyfe Stupid Simple Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2024-27689 — CVSS 8.8 (high): Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via /update-article.php.
CVE-2024-22715 — CVSS 8.8 (high): Stupid Simple CMS <=1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin-edit.php.
CVE-2023-6901 — CVSS 7.3 (high): A vulnerability, which was classified as critical, was found in codelyfe Stupid Simple CMS up to 1.2.3. This affects an unknown part of the…
CVE-2024-27559 — CVSS 6.3 (medium): Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /save_settings.php
CVE-2024-22714 — CVSS 6.1 (medium): Stupid Simple CMS <=1.2.4 is vulnerable to Cross Site Scripting (XSS) in the editing section of the article content.
CVE-2024-27558 — CVSS 6.1 (medium): Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting (XSS) within the blog title of the settings.
CVE-2023-6902 — CVSS 5.5 (medium): A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. This vulnerability affects unknown…
CVE-2023-6907 — CVSS 5.4 (medium): A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. Affected by this vulnerability is an…
CVE-2023-7041 — CVSS 5.4 (medium): A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some…
CVE-2023-7040 — CVSS 4.3 (medium): A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown…
CVE-2024-3202 — CVSS 3.7 (low): A vulnerability, which was classified as problematic, has been found in codelyfe Stupid Simple CMS 1.2.4. This issue affects some unknown…