CVE-2024-55085

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 16, 2024

Updated: Dec 17, 2024

CWE ID 94

Summary

CVE-2024-55085 is a newly identified vulnerability in GetSimple Content Management System CE 3.3.19. This issue allows an attacker to execute arbitrary code through the template editing function in the background management system. By exploiting this vulnerability, an adversary can gain control over the affected system and potentially install malware or steal sensitive data, posing a significant risk to organizations using this CMS. It is recommended that users upgrade to the latest version as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Affected Vendors

Pluck -

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/1Tt2Zq
https://www.cve.org/CVERecord?id=CVE-2024-55085
https://nvd.nist.gov/vuln/detail/CVE-2024-55085

Back to Vulnerability Database