Plenti Plenti

3 CVEs affecting Plenti Plenti. Latest disclosed: 2025-03-12. Critical: 0, High: 3.

Top CVEs affecting Plenti Plenti
CVESeverityScorePublishedSummary
CVE-2025-26260High8.82025-03-12Plenti <= 0.7.16 is vulnerable to code execution. Users uploading '.svelte' files with the /postLocal endpoint can define the file name as javascript codes. Th…
CVE-2024-49381High7.52024-10-25Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitra…
CVE-2024-49380High7.52024-10-25Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The `/postLocal` endpoint is vulnerable to an arbitrary…