Namelessmc Nameless
18 CVEs affecting Namelessmc Nameless. Latest disclosed: 2026-06-02. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-54117 | Critical | 9.1 | 2025-08-18 | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.3 allows… |
CVE-2025-29784 | High | 7.5 | 2025-04-18 | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the s parameter in GET requests for forum sear… |
CVE-2025-30357 | High | 7.3 | 2025-04-18 | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, if a malicious user is leaving spam comments o… |
CVE-2025-54421 | High | 7.2 | 2025-08-18 | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.4 allows… |
CVE-2025-31118 | High | 7.1 | 2025-04-18 | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, forum quick reply feature (view_topic.php) doe… |
CVE-2025-30158 | High | 7.1 | 2025-04-18 | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the forum allows users to post iframe elements… |
CVE-2026-34460 | Medium | 5.4 | 2026-06-02 | NamelessMC is website software for Minecraft servers. In versions 2.2.4 and prior, the OAuth callback handling does not validate the state parameter server-sid… |
CVE-2025-54118 | Medium | 5.3 | 2025-08-18 | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthe… |
CVE-2025-31120 | Medium | 5.3 | 2025-04-18 | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, an insecure view count mechanism in the forum… |
CVE-2026-32250 | Medium | 4.3 | 2026-06-02 | NamelessMC is website software for Minecraft servers. A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in version 2.2.4 in the id parameter… |
CVE-2026-40571 | | 2026-06-02 | NamelessMC is website software for Minecraft servers. In version 2.2.4, `core/classes/Misc/ProfilePostReactionContext.php` only verifies that the wall post exi… | |
CVE-2026-40314 | | 2026-06-02 | NamelessMC is website software for Minecraft servers. In version 2.2.4,`core/classes/Misc/ProfilePostReactionContext.php` only verifies that the wall post exis… | |
CVE-2026-35447 | | 2026-06-02 | NamelessMC is website software for Minecraft servers. In version 2.2.4, the profile page (modules/Core/pages/profile.php) processes wall post submissions and r… | |
CVE-2026-35443 | | 2026-06-02 | NamelessMC is website software for Minecraft servers. In version 2.2.4, `modules/Forum/classes/ForumPostReactionContext.php` only verifies that the caller can… | |
CVE-2026-33398 | | 2026-06-02 | NamelessMC is website software for Minecraft servers. In version 2.2.4, `modules/Forum/pages/forum/get_quotes.php` only checks whether the caller is logged in… | |
CVE-2025-32389 | | 2025-04-18 | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Prior to version 2.1.4, NamelessMC is vulnerable to SQL injection by provi… | |
CVE-2025-22142 | | 2025-01-13 | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In affected versions an admin can add the ability to have users fill out a… | |
CVE-2025-22144 | | 2025-01-13 | NamelessMC is a free, easy to use & powerful website software for Minecraft servers. A user with admincp.core.emails or admincp.users.edit permissions can vali… |