Exposure of Grav

CMS

44

exposure score

747

sites use

0

exploited

3

critical

CVEs

46 results

CVE-2025-66308MEDIUMGrav Admin Plugin vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/config/site` parameter `data[taxonomies]`EPSS 0.2%CVE-2025-66312MEDIUMGrav Admin Plugin vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/accounts/groups/[group]` parameter `data[readableName]`EPSS 0.2%CVE-2025-66311MEDIUMGrav vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/pages/[page]` in Multiples parametersEPSS 0.2%CVE-2025-66310MEDIUMGrav vulnerable to Cross-Site Scripting (XSS) Stored endpoint `/admin/pages/[page]` parameter `data[header][template]` in Advanced TabEPSS 0.2%CVE-2026-42842MEDIUMgrav-plugin-form: XSS via Taxonomy Field Values in Admin PanelEPSS 0.1%CVE-2020-37256MEDIUMGrav - Cross-Site Scripting in Admin Plugin Page EditorEPSS —

← previouspage 3 / 3next →

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →