CVE-2026-27202

High CVSS: 8.8

GetSimple CMS is a content management system. All versions of GetSimple CMS have a flaw in the Uploaded Files feature that allows for arbitrary file reads. This issue has not been fixed at the time of publication.

Vendor

Getsimple-ce

Product

Getsimple Cms

CWE

CWE-22

Yayın Tarihi

2026-02-21 00:16:17

Güncelleme

2026-02-24 13:08:23

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-22 Getsimple Cms HIGH Getsimple-ce 2026

Referanslar

https://github.com/GetSimpleCMS-CE/GetSimpleCMS-CE/security/advisories/GHSA-xhwv-g6q4-h886

Benzer Kayıtlar

Critical

CVE-2026-28495

GetSimple CMS is a content management system. The massiveAdmin plugin (v6.0.3) bundled with GetSimpleCMS-CE v3.3.22 allo…

Medium

CVE-2026-26351

GetSimpleCMS Community Edition (CE) version 3.3.16 contains a stored cross-site scripting (XSS) vulnerability in the The…

High

CVE-2026-27146

GetSimple CMS is a content management system. All versions of GetSimple CMS do not implement CSRF protection on the admi…

Medium

CVE-2026-27147

GetSimple CMS is a content management system. All versions of GetSimple CMS are vulnerable to XSS through SVG file uploa…

High

CVE-2026-27161

GetSimple CMS is a content management system. All versions of GetSimple CMS rely on .htaccess files to restrict access t…

High

CVE-2025-48492

GetSimple CMS is a content management system. In versions starting from 3.3.16 to 3.3.21, an authenticated user with acc…