Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

CMS

Plone CMS

Plone is a free and open source content management system built on top of the Zope application server.

Official Site:

https://plone.org/

Severity Summary:

Critical: 5 High: 20 Medium: 76 Low: 3
Reference
Title
Severity
CVE-2020-35190
Plone CMS Missing Authentication for Critical Function Vulnerability
Critical
CVE-2020-7941
Plone CMS Improper Privilege Management Vulnerability
Critical
CVE-2011-4030
Plone CMS Permissions Privileges and Access Controls Vulnerability
Critical
CVE-2011-3587
Plone CMS Vulnerability
Critical
CVE-2021-33509
Plone CMS Incorrect Permission Assignment for Critical Resource Vulnerability
Critical
CVE-2020-28735
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2007-5741
Plone CMS Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2020-28734
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability
High
CVE-2011-2528
Plone CMS Vulnerability
High
CVE-2011-0720
Plone CMS Vulnerability
High
CVE-2021-33511
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2020-28736
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability
High
CVE-2016-4041
Plone CMS Permissions Privileges and Access Controls Vulnerability
High
CVE-2021-32633
Plone CMS Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2021-33926
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2024-0669
Plone CMS Improper Restriction of Rendered UI Layers or Frames Vulnerability
High
CVE-2024-23756
Plone CMS Vulnerability
High
CVE-2012-5493
Plone CMS Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2012-5487
Plone CMS Permissions Privileges and Access Controls Vulnerability
High
CVE-2024-22889
Plone CMS Incorrect Default Permissions Vulnerability
High
CVE-2015-7318
Plone CMS Improper Input Validation Vulnerability
High
CVE-2020-7940
Plone CMS Weak Password Requirements Vulnerability
High
CVE-2020-7939
Plone CMS Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2020-7938
Plone CMS Improper Privilege Management Vulnerability
High
CVE-2015-7293
Plone CMS Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2010-2422
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-1000482
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2011-1948
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2011-1950
Plone CMS Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2017-1000481
Plone CMS URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium