Plenti Plenti
3 CVEs affecting Plenti Plenti. Latest disclosed: 2025-03-12. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-26260 | High | 8.8 | 2025-03-12 | Plenti <= 0.7.16 is vulnerable to code execution. Users uploading '.svelte' files with the /postLocal endpoint can define the file name as javascript codes. Th… |
CVE-2024-49381 | High | 7.5 | 2024-10-25 | Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitra… |
CVE-2024-49380 | High | 7.5 | 2024-10-25 | Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary… |