Cross Site Scripting vulnerability in Pluck CMS before v.4.7.21dev allows a remote attacker to escalate privileges via the editpage.php and the sanitizePageContent function
References
Configurations
No configuration.
History
04 May 2026, 15:16
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-79 | |
| References | () https://medium.com/@nakah_/pluck-cms-stored-xss-in-page-editor-cve-2026-31205-3b0526743e1d?postPublishedType=initialĀ - |
04 May 2026, 14:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-05-04 14:16
Updated : 2026-06-17 10:33
NVD link : CVE-2026-31205
Mitre link : CVE-2026-31205
CVE.ORG link : CVE-2026-31205
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
