CVE-2026-31205 - Pluck CMS Cross Site Scripting (XSS) Privilege Escalation
CVE ID :CVE-2026-31205 Published : May 4, 2026, 2:16 p.m. | 38 minutes ago Description :Cross Site Scripting vulnerability in Pluck CMS before v.4.7.21dev allows a remote attacker to escalate privileges via the editpage.php and the sanitizePageContent function Severity: 5.7 | MEDIUM Vi
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] 60–80% of your CVEs are unreachable. Here's how to prove it.
- [CYBER] Rajasthan Man Posing As "Love Guru" Arrested For Extortion, Blackmailing
- [CYBER] Trellix discloses data breach after source code repository hack
- [CYBER] CVE-2026-42809 - Apache Polaris: An authenticated low-privileged user can abuse Polaris staged table creation to mint broad temporary storage credentials for an attacker-chosen location before Polaris validates that location
- [CYBER] CVE-2026-42812 - Apache Polaris: No protection on `write.metadata.path`
- [CYBER] CVE-2026-37458 - FRRouting FRR Denial of Service