Pluxml Pluxml Cms

3 CVEs affecting Pluxml Pluxml Cms. Latest disclosed: 2026-02-27. Critical: 1, High: 0.

Top CVEs affecting Pluxml Pluxml Cms
CVESeverityScorePublishedSummary
CVE-2026-24352Critical9.82026-02-27PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour…
CVE-2026-24351Medium5.42026-02-27PluXml CMS is vulnerable to Stored XSS in Static Pages editing functionality. Attacker with editing privileges can inject arbitrary HTML and JS into website, w…
CVE-2026-24350Medium5.42026-02-27PluXml CMS is vulnerable to Stored XSS in file uploading functionality. An authenticated attacker can upload an SVG file containing a malicious payload, which…