CVE-2026-28495

GetSimple CMS is a content management system. The massiveAdmin plugin (v6.0.3) bundled with GetSimpleCMS-CE v3.3.22 allows an authenticated administrator to overwrite the gsconfig.php configuration file with arbitrary PHP code via the gsconfig editor module. The form lacks CSRF protection, enabling a remote unauthenticated attacker to exploit this via Cross-Site Request Forgery against a logged-in admin, achieving Remote Code Execution (RCE) on the web server.

CVSS v3 9.6 CRITICAL

9.6^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 2.8 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://github.com/GetSimpleCMS-CE/GetSimpleCMS-CE/security/advisories/GHSA-92wv-q2jp-qg88	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:getsimple-ce:getsimple_cms:*:*:*:*:community:*:*:*

History

12 Mar 2026, 18:21

Type	Values Removed	Values Added
First Time		Getsimple-ce getsimple Cms Getsimple-ce
References	~~() https://github.com/GetSimpleCMS-CE/GetSimpleCMS-CE/security/advisories/GHSA-92wv-q2jp-qg88 -~~	() https://github.com/GetSimpleCMS-CE/GetSimpleCMS-CE/security/advisories/GHSA-92wv-q2jp-qg88 - Exploit, Vendor Advisory
CPE		cpe:2.3:a:getsimple-ce:getsimple_cms:::::community:::*

11 Mar 2026, 13:53

Type	Values Removed	Values Added
Summary		(es) GetSimple CMS es un sistema de gestión de contenido. El plugin massiveAdmin (v6.0.3) incluido con GetSimpleCMS-CE v3.3.22 permite a un administrador autenticado sobrescribir el archivo de configuración gsconfig.php con código PHP arbitrario a través del módulo editor de gsconfig. El formulario carece de protección CSRF, lo que permite a un atacante remoto no autenticado explotar esto mediante falsificación de petición en sitios cruzados contra un administrador con sesión iniciada, logrando ejecución remota de código (RCE) en el servidor web.

10 Mar 2026, 20:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-10 20:16

Updated : 2026-03-12 18:21

NVD link : CVE-2026-28495

Mitre link : CVE-2026-28495

CVE.ORG link : CVE-2026-28495

JSON object : View

Products Affected

getsimple-ce

getsimple_cms

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2026-28495", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.6, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2026-03-10T20:16:37.663", "references": [{"url": "https://github.com/GetSimpleCMS-CE/GetSimpleCMS-CE/security/advisories/GHSA-92wv-q2jp-qg88", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "GetSimple CMS is a content management system. The massiveAdmin plugin (v6.0.3) bundled with GetSimpleCMS-CE v3.3.22 allows an authenticated administrator to overwrite the gsconfig.php configuration file with arbitrary PHP code via the gsconfig editor module. The form lacks CSRF protection, enabling a remote unauthenticated attacker to exploit this via Cross-Site Request Forgery against a logged-in admin, achieving Remote Code Execution (RCE) on the web server."}, {"lang": "es", "value": "GetSimple CMS es un sistema de gesti\u00f3n de contenido. El plugin massiveAdmin (v6.0.3) incluido con GetSimpleCMS-CE v3.3.22 permite a un administrador autenticado sobrescribir el archivo de configuraci\u00f3n gsconfig.php con c\u00f3digo PHP arbitrario a trav\u00e9s del m\u00f3dulo editor de gsconfig. El formulario carece de protecci\u00f3n CSRF, lo que permite a un atacante remoto no autenticado explotar esto mediante falsificaci\u00f3n de petici\u00f3n en sitios cruzados contra un administrador con sesi\u00f3n iniciada, logrando ejecuci\u00f3n remota de c\u00f3digo (RCE) en el servidor web."}], "lastModified": "2026-03-12T18:21:10.780", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:getsimple-ce:getsimple_cms:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "10781A5F-4F78-4068-9876-29EF0A48A372", "versionEndIncluding": "3.3.22"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}