capture0x/PluXml-RCE

Releases0

PluXml Blog Version : 5.8.9 - Remote Code Execution (Authenticated)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-22636 ↗	Jan 25, 2024Thursday, 25 January 2024, 21:15	8.8 HIGH	—
PluXml Blog v5.8.9 was discovered to contain a remote code execution (RCE) vulnerability in the Static Pages feature. This vulnerability is exploited via injecting a crafted payload into the Content field.