CVE Tools

get-simple

Web & CMS Pluginscommercial

22

Cumulative CVEs

10

Monthly snapshots

#40

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting get-simple.

CVE-2021-47870GetSimple CMS My SMTP Contact Plugin 1.1.2 - Stored XSS5.4Jan 21, 2026
CVE-2013-10032GetSimple CMS 3.2.1 Authenticated RCE via Arbitrary PHP File Upload8.8Jul 25, 2025
CVE-2024-11125GetSimpleCMS profile.php cross-site request forgery4.3Nov 12, 2024
CVE-2023-51246A Cross Site Scripting (XSS) vulnerability in GetSimple CMS 3.3.16 exists when using Source Code Mode as a backend user to add articles via the /admin/edit.php page.5.4Jan 8, 2024
CVE-2023-6188GetSimpleCMS theme-edit.php code injection4.7Nov 17, 2023
CVE-2023-46040Cross Site Scripting vulnerability in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via the a crafted payload to the components.php function.5.4Oct 31, 2023
CVE-2023-46042An issue in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via a crafted payload to the phpinfo().9.8Oct 19, 2023
CVE-2022-41544GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php.9.8Oct 18, 2022
CVE-2022-1503GetSimple CMS Content Module edit.php cross site scripting3.5Apr 27, 2022
CVE-2021-36601GetSimpleCMS 3.3.16 contains a cross-site Scripting (XSS) vulnerability, where Function TSL does not filter check settings.php Website URL: "siteURL" parameter.6.1Aug 10, 2021
CVE-2020-21353A stored cross site scripting (XSS) vulnerability in /admin/snippets.php of GetSimple CMS 3.4.0a allows attackers to execute arbitrary web scripts or HTML via crafted payload in the Edit Snippets m...5.4Aug 6, 2021
CVE-2020-18660GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter.6.1Jun 23, 2021
CVE-2020-18659Cross Site Scripting vulnerability in GetSimpleCMS <=3.3.15 via the (1) sitename, (2) username, and (3) email parameters to /admin/setup.php6.1Jun 23, 2021
CVE-2020-18658Cross Site Scriptiong (XSS) vulnerability in GetSimpleCMS <=3.3.15 via the timezone parameter to settings.php.6.1Jun 23, 2021
CVE-2020-18657Cross Site Scripting (XSS) vulnerability in GetSimpleCMS <= 3.3.15 in admin/changedata.php via the redirect_url parameter and the headers_sent function.6.1Jun 23, 2021