CVE-2025-12330
Published
CVSS v3
2.4
LOW
CVSS v2
3.3
LOW
Affected
1
PROJECT
Description
A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argument title/body results in cross site scripting. The attack may be launched remotely. The exploit has been released to the public and may be exploited.
A modern, AI-enhanced CMS built with CakePHP 5. Features AI-powered SEO optimization, automated translation (25+ languages via Claude & Google Translate), image galleries with AI analysis, hierarchical tagging, and comment moderation. Includes complete Docker dev environment with 290+ tests.
GitHub