CVSS 3.1 Score 7.5 of 10 (high)


Published Jan 30, 2024
Updated: Mar 21, 2024


CVE-2023-36260 is a vulnerability found in the Feed Me plugin 4.6.1 for Craft CMS. It allows remote attackers to cause a denial of service (DoS) by sending specific strings to the Feed-Me Name and Feed-Me URL fields, resulting in a feed being saved without a selected volume. This vulnerability affects various products, including Craft CMS versions 4.6.1 and possibly others. To remediate this issue, users should update to the latest version of the plugin and Craft CMS. The potential danger posed by this vulnerability is high, as it can lead to a DoS attack, impacting the availability of affected systems and potentially disrupting business operations.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-36260 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options