plentico/plenti

plentico/plenti

Releases230

Frequency1 week 1 day

Last Release 11 months ago

Stars1.07K

Static Site Generator with Go backend and Svelte frontend

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-49380 ↗	Oct 25, 2024Friday, 25 October 2024, 14:15	7.5 HIGH	—
Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the vulnerability.
CVE-2024-49381 ↗	Oct 25, 2024Friday, 25 October 2024, 14:15	7.5 HIGH	—
Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerability.