Vulnerabilities in GetSimpleCMS-CE
7 resultsCVE-2025-48492HIGHGetSimple CMS RCE in Edit componentEPSS 0.8%CVE-2026-27202HIGHGetSimple CMS: Uploaded Files (feature) Arbitrary File Read VulnerabilityEPSS 0.5%CVE-2026-27161HIGHUnauthenticated Information Disclosure via .htaccess Reliance in Sensitive DirectoriesEPSS 0.4%CVE-2026-28495CRITICALGetSimple CMS has CSRF to Remote Code Execution via Arbitrary PHP Write in gsconfig.phpEPSS 0.3%CVE-2026-26351MEDIUMGetSimpleCMS-CE < 3.3.22 Stored XSS via components.phpEPSS 0.3%CVE-2026-27147MEDIUMGetSimple CMS: Stored Cross-Site Scripting (XSS) via SVG File Upload (Authenticated)EPSS 0.2%CVE-2026-27146HIGHGetSimple CMS: Cross-Site Request Forgery (CSRF) in File Upload Allows Arbitrary UploadsEPSS 0.2%