Every CVE whose affected-product data names Pluck-cms Pluckcms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2019-1010062 — CVSS 9.8 (critical): PluckCMS 4.7.4 and earlier is affected by: CWE-434 Unrestricted Upload of File with Dangerous Type. The impact is: get webshell. The…
CVE-2020-20718 — CVSS 9.8 (critical): File Upload vulnerability in PluckCMS v.4.7.10 dev versions allows a remote attacker to execute arbitrary code via a crafted image file to…