CVE Tools

instantsoft

Web & CMS Pluginscommercial

16

Cumulative CVEs

3

Monthly snapshots

#80

Peak rank

Top products

instantsoft/icms24

Latest CVEs

The 15 most recently published vulnerabilities affecting instantsoft.

CVE-2026-28281InstantCMS has Multiple CSRF Vulnerabilities7.1Mar 9, 2026
CVE-2025-59055InstantCMS vulnerable to Server-Side Request Forgery via package installer4.7Sep 11, 2025
CVE-2024-50348InstantCMS has a Cross Site Scripting Vulnerability5.4Oct 29, 2024
CVE-2024-31213InstantCMS Open Redirect vulnerability3.5Apr 5, 2024
CVE-2024-31212SQL injection in index_chart_data action6.7Apr 4, 2024
CVE-2023-4928SQL Injection in instantsoft/icms27.2Sep 13, 2023
CVE-2023-4879Cross-site Scripting (XSS) - Stored in instantsoft/icms24.8Sep 10, 2023
CVE-2023-4878Server-Side Request Forgery (SSRF) in instantsoft/icms25.4Sep 10, 2023
CVE-2023-4704External Control of System or Configuration Setting in instantsoft/icms24.9Sep 1, 2023
CVE-2023-4654Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in instantsoft/icms23.5Aug 31, 2023
CVE-2023-4655Cross-site Scripting (XSS) - Reflected in instantsoft/icms26.1Aug 31, 2023
CVE-2023-4653Cross-site Scripting (XSS) - Stored in instantsoft/icms24.8Aug 31, 2023
CVE-2023-4652Cross-site Scripting (XSS) - Stored in instantsoft/icms25.4Aug 31, 2023
CVE-2023-4651Server-Side Request Forgery (SSRF) in instantsoft/icms25.4Aug 31, 2023
CVE-2023-4650Improper Access Control in instantsoft/icms24.7Aug 31, 2023