Browse all 7 CVE security advisories affecting GetSimpleCMS-CE. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-28495 | GetSimple CMS has CSRF to Remote Code Execution via Arbitrary PHP Write in gsconfig.php — GetSimpleCMS-CECWE-352 | 9.7 | Critical | 2026-03-10 |
| CVE-2026-26351 | GetSimpleCMS-CE < 3.3.22 Stored XSS via components.php — GetSimpleCMS-CECWE-79 | 4.8 | - | 2026-02-24 |
| CVE-2026-27202 | GetSimple CMS: Uploaded Files (feature) Arbitrary File Read Vulnerability — GetSimpleCMS-CECWE-23 | 6.5AI | MediumAI | 2026-02-20 |
| CVE-2026-27161 | Unauthenticated Information Disclosure via .htaccess Reliance in Sensitive Directories — GetSimpleCMS-CECWE-200 | 5.9AI | MediumAI | 2026-02-20 |
| CVE-2026-27147 | GetSimple CMS: Stored Cross-Site Scripting (XSS) via SVG File Upload (Authenticated) — GetSimpleCMS-CECWE-79 | 5.4AI | MediumAI | 2026-02-20 |
| CVE-2026-27146 | GetSimple CMS: Cross-Site Request Forgery (CSRF) in File Upload Allows Arbitrary Uploads — GetSimpleCMS-CECWE-352 | 8.8AI | HighAI | 2026-02-20 |
| CVE-2025-48492 | GetSimple CMS RCE in Edit component — GetSimpleCMS-CECWE-77 | 8.8AI | HighAI | 2025-05-30 |
This page lists every published CVE security advisory associated with GetSimpleCMS-CE. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.