CVE-2025-23209 | Craft CMS up to 4.13.7/5.5.4 code injection (GHSA-x684-96hh-833x)

Posted by Angelo Barbosa | Jan 18, 2025 | CVE

A vulnerability classified as critical has been found in Craft CMS up to 4.13.7/5.5.4. Affected is an unknown function. The manipulation leads to code injection.

This vulnerability is traded as CVE-2025-23209. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-23209 | Craft CMS up to 4.13.7/5.5.4 code injection (GHSA-x684-96hh-833x)

Related Posts

CVE-2023-42883 | Apple iOS/iPadOS Image denial of service

CVE-2024-9295 | SourceCodester Advocate Office Management System 1.0 /control/login.php username sql injection

CVE-2024-3520 | Country State City Dropdown CF7 Plugin up to 2.7.1 on WordPress authorization

CVE-2024-9781 | Wireshark up to 4.2.7/4.4.0 AppleTalk Dissector/RELOAD Framing Dissector missing values