Every CVE whose affected-product data names Murasoftware Mura Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2022-47003 — CVSS 9.8 (critical): A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to bypass authentication via a crafted web…
CVE-2025-55044 — CVSS 8.8 (high): The Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to restore deleted content from the trash to unauthorized…
CVE-2025-55040 — CVSS 8.8 (high): The import form CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to upload and install malicious form definitions through a…
CVE-2025-55046 — CVSS 8.1 (high): MuraCMS through 10.1.10 contains a CSRF vulnerability that allows attackers to permanently destroy all deleted content stored in the trash…
CVE-2025-55041 — CVSS 8.0 (high): MuraCMS through 10.1.10 contains a CSRF vulnerability in the Add To Group functionality for user management (cUsers.cfc addToGroup method)…
CVE-2025-55045 — CVSS 7.1 (high): The update address CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to manipulate user address information through CSRF. The…
CVE-2025-55043 — CVSS 6.5 (medium): MuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality (csettings.cfc createBundle method) that allows…