Plone vulnerabilities

The Plone Content Management System

Direct Vulnerabilities

Known vulnerabilities in the Plone package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Information Exposure

[0,)
  • M
Cross-site Scripting (XSS)

[,5.0)
  • M
Cross-site Scripting (XSS)

[3.3,3.3.6) [4.0,4.0.9) [4.1,4.1.6) [4.3,4.3.2)
  • H
Server-side Request Forgery (SSRF)

[4.3,5.2.5)
  • M
Cross-site Scripting (XSS)

[5.0,5.2.5)
  • L
Server-side Request Forgery (SSRF)

[5.0,5.2.5)
  • M
Cross-site Scripting (XSS)

[5.0,5.2.5)
  • M
Access Restriction Bypass

[4.3,5.2.5)
  • L
Server-side Request Forgery (SSRF)

[4.3,5.2.5)
  • M
Cross-site Scripting (XSS)

[4.3,5.2.5)
  • L
Cross-site Scripting (XSS)

[4.3,5.2.5)
  • H
Cross-site Scripting (XSS)

[,5.2.5)
  • M
Server-side Request Forgery (SSRF)

[,5.2.3)
  • M
XML External Entity (XXE) Injection

[,5.2.3)
  • M
XML External Entity (XXE) Injection

[,5.2.3)
  • L
Weak Password Requirements

[4.3,4.3.20) [5.0,5.2.1)
  • M
SQL Injection

[0,5.2.2)
  • M
Cross-site Scripting (XSS)

[0,5.2.2)
  • M
Privilege Escalation

[0,5.2.2)
  • L
Cross-site Scripting (XSS)

[0,5.2.2)
  • M
Cross-site Scripting (XSS)

[,2.5.3)
  • M
Cross-site Scripting (XSS)

[,3.0.4)
  • M
Arbitrary Code Execution

[,4.2.3)
  • H
Information Exposure

[,3.0.0)
  • M
Sandbox Escape

[4.0,4.3.16) [5,5.1.0)
  • M
Cross-site Scripting (XSS)

[,4.3.16) [5,5.1.0)
  • M
Open Redirect

[2.5,5.1)
  • M
Open Redirect

[,4.3.16) [5,5.1.0)
  • H
Cross-site Request Forgery (CSRF)

[,4.3.7) [5.0a1,5.0)
  • M
Sandbox Bypass

[4,5.1a2]
  • M
Cross-site Scripting (XSS)

[,5.1a2]
  • M
Cross-site Scripting (XSS)

[4,5.1a1]
  • M
Information Exposure

[4.2,5.1a1]
  • M
Cross-site Scripting (XSS)

[4,5.1a1]
  • M
Open Redirect

[,5.0.6]
  • M
Cross-site Scripting (XSS)

[,5.1a1]
  • M
Information Exposure

[3.3,5.1a1]
  • M
Access Restriction Bypass

[5.0,5.1a1]
  • H
Access Restriction Bypass

[4.0,5.1a1]
  • M
Access Restriction Bypass

[3.3,4.2.7]
  • H
HTTP Response Splitting

[3,4.0)
  • M
Unauthorized User Creation

[,4.3.7)
  • M
Cross-site Scripting (XSS)

[,4.3.7)
  • M
Information Exposure

[3.3,4.3.2]
  • M
Access Restriction Bypass

[3.3,4.3.2]
  • M
Denial of Service (DoS)

[,4.2.5) [4.3,4.3.1)
  • M
Access Restriction Bypass

[,4.2.5) [4.3,4.3.1)
  • M
Cross-site Scripting (XSS)

[,4.2.5) [4.3,4.3.1)
  • M
Information Exposure

[,4.2.5) [4.3,4.3.1)
  • M
Email Spoofing

[,4.2.5) [4.3,4.3.1)
  • M
Access Restriction Bypass

[,4.2.5) [4.3,4.3.1)
  • M
Information Exposure

[,4.2.5) [4.3,4.3.1)
  • M
Open Redirect

[,4.2.5) [4.3,4.3.1)
  • M
Information Exposure

[,4.2.5) [4.3,4.3.1)
  • M
Arbitrary Portrait Modification

[,4.2.5) [4.3,4.3.1)
  • M
Access Restriction Bypass

[,4.2.5) [4.3,4.3.1)
  • M
Arbitrary Web Redirect

[4.3.0,4.3.1]
  • L
Denial of Service (DoS)

[,4.2.5) [4.3,4.3.1)
  • H
Arbitrary Code Execution

[,4.2.3) [4.3a1,4.3b1)
  • M
Arbitrary Code Execution

[,4.2.3) [4.3a1,4.3b1)
  • M
Cross-site Scripting (XSS)

[,4.2.3) [4.3a1,4.3b1)
  • H
Arbitrary Code Execution

[,4.2.3) [4.3a1,4.3b1)
  • M
Information Exposure

[,4.2.3) [4.3a1,4.3b1)
  • M
Denial of Service (DoS)

[,4.0)
  • M
Cross-site Scripting (XSS)

[,4.2.3) [4.3a1,4.3b1)
  • M
Arbitrary Code Execution

[,4.2.3) [4.3a1,4.3b1)
  • M
Information Exposure

[,4.2.3) [4.3a1,4.3b1)
  • M
Denial of Service (DoS)

[,4.2.3) [4.3a1,4.3b1)
  • M
Denial of Service (DoS)

[,4.2.3) [4.3a1,4.3b1)
  • M
Cross-site Request Forgery (CSRF)

[,4.2.3) [4.3a1,4.3b1)
  • M
Arbitrary BLOB Read

[,4.2.3) [4.3a1,4.3b1)
  • L
Cross-site Scripting (XSS)

[,4.2.3) [4.3.a1,4.3b1)
  • M
Information Exposure

[,4.2.3) [4.3a1,4.3b1)
  • M
Cross-site Scripting (XSS)

[,4.2.3) [4.3.a1,4.3b1)
  • M
Information Exposure

[,4.2.3) [4.3.a1,4.3b1)
  • M
Denial of Service (DoS)

[,4.2.3) [4.3a1,4.3b1)
  • M
Information Exposure

[,4.2.3) [4.3a1,4.3b1)
  • M
Information Exposure

[,4.2.3) [4.3a1,4.3b1)
  • M
Denial of Service (DoS)

[,4.1.3]
  • H
Arbitrary Sub-object Access

[4,4.0.9] [4.1,4.2a2]
  • H
Privilege Escalation

[4.1]
  • M
Cross-site Scripting (XSS)

[,4.2)
  • M
Arbitrary Property Modification

[4,4.2)
  • H
Arbitrary File Creation

[2.5,4.1)
  • M
Cross-site Scripting (XSS)

[2.1,3.3.5)

Package versions

1 - 100 of 187 Results
version published direct vulnerabilities
6.1.0b1 31 Oct, 2024
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.1.0a5 5 Sep, 2024
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.1.0a4 1 Aug, 2024
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.1.0a3 26 Apr, 2024
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.1.0a2 27 Feb, 2024
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.1.0a1 26 Jan, 2024
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.13 5 Sep, 2024
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.12 1 Aug, 2024
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.11 25 Apr, 2024
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.10 22 Feb, 2024
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.9 14 Dec, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.8 26 Oct, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.7 14 Sep, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.6 22 Jun, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.5 25 May, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.4 21 Apr, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.3 23 Mar, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.2 23 Feb, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.1 30 Jan, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.0 12 Dec, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.0rc2 5 Dec, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.0rc1 18 Nov, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.0b3 4 Oct, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.0b2 9 Sep, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.0b1 22 Jul, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.0a6 27 Jun, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.0a5 24 Jun, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.0a4 7 Apr, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.0a3 28 Jan, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.0a2 3 Dec, 2021
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
6.0.0a1 16 Oct, 2021
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
5.2.15 1 Aug, 2024
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
5.2.14 21 Sep, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
5.2.13 19 Jul, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
5.2.12 19 Apr, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
5.2.11 26 Jan, 2023
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
5.2.10 31 Oct, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
5.2.9 18 Jul, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
5.2.8 29 Apr, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
5.2.7 25 Jan, 2022
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
5.2.6 22 Oct, 2021
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
5.2.5 30 Jul, 2021
  • 0
    C
  • 0
    H
  • 1
    M
  • 0
    L
5.2.4 19 Feb, 2021
  • 0
    C
  • 2
    H
  • 5
    M
  • 3
    L
5.2.3 30 Oct, 2020
  • 0
    C
  • 2
    H
  • 5
    M
  • 3
    L
5.2.2 27 Jun, 2020
  • 0
    C
  • 2
    H
  • 8
    M
  • 3
    L
5.2.1 2 Dec, 2019
  • 0
    C
  • 2
    H
  • 11
    M
  • 4
    L
5.2.0 11 Jul, 2019
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.2rc5 27 Jun, 2019
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.2rc4 20 Jun, 2019
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.2rc3 5 May, 2019
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.2rc2 22 Mar, 2019
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.2rc1 4 Mar, 2019
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.2b1 14 Feb, 2019
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.2a2 29 Dec, 2018
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.2a1 8 Nov, 2018
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.1.7 21 Sep, 2020
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.1.6 3 Sep, 2019
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.1.5 11 Dec, 2018
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.1.4 2 Oct, 2018
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.1.3 21 Jun, 2018
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.1.2 8 Apr, 2018
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.1.1 11 Mar, 2018
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.1.0 15 Feb, 2018
  • 0
    C
  • 2
    H
  • 11
    M
  • 5
    L
5.1rc2 27 Nov, 2017
  • 0
    C
  • 2
    H
  • 15
    M
  • 5
    L
5.1rc1 10 Sep, 2017
  • 0
    C
  • 2
    H
  • 15
    M
  • 5
    L
5.1b4 3 Jul, 2017
  • 0
    C
  • 2
    H
  • 15
    M
  • 5
    L
5.1b3 2 Apr, 2017
  • 0
    C
  • 2
    H
  • 15
    M
  • 5
    L
5.1b2 20 Feb, 2017
  • 0
    C
  • 2
    H
  • 15
    M
  • 5
    L
5.1b1 20 Feb, 2017
  • 0
    C
  • 2
    H
  • 15
    M
  • 5
    L
5.1a2 19 Aug, 2016
  • 0
    C
  • 2
    H
  • 17
    M
  • 5
    L
5.1a1 31 Mar, 2016
  • 0
    C
  • 3
    H
  • 23
    M
  • 5
    L
5.0.10 9 Jan, 2019
  • 0
    C
  • 3
    H
  • 23
    M
  • 5
    L
5.0.9 5 Aug, 2017
  • 0
    C
  • 3
    H
  • 23
    M
  • 5
    L
5.0.8 4 Jun, 2017
  • 0
    C
  • 3
    H
  • 23
    M
  • 5
    L
5.0.7 20 Feb, 2017
  • 0
    C
  • 3
    H
  • 23
    M
  • 5
    L
5.0.6 23 Aug, 2016
  • 0
    C
  • 3
    H
  • 24
    M
  • 5
    L
5.0.5 22 Jun, 2016
  • 0
    C
  • 3
    H
  • 24
    M
  • 5
    L
5.0.4 31 Mar, 2016
  • 0
    C
  • 3
    H
  • 24
    M
  • 5
    L
5.0.3 3 Mar, 2016
  • 0
    C
  • 3
    H
  • 24
    M
  • 5
    L
5.0.2 9 Jan, 2016
  • 0
    C
  • 3
    H
  • 24
    M
  • 5
    L
5.0.1 18 Dec, 2015
  • 0
    C
  • 3
    H
  • 24
    M
  • 5
    L
5.0 28 Sep, 2015
  • 0
    C
  • 3
    H
  • 24
    M
  • 5
    L
5.0rc3 21 Sep, 2015
  • 0
    C
  • 4
    H
  • 19
    M
  • 3
    L
5.0rc2 12 Sep, 2015
  • 0
    C
  • 4
    H
  • 19
    M
  • 3
    L
5.0rc1 8 Sep, 2015
  • 0
    C
  • 4
    H
  • 19
    M
  • 3
    L
5.0b4 24 Aug, 2015
  • 0
    C
  • 4
    H
  • 19
    M
  • 3
    L
5.0b3 20 Jul, 2015
  • 0
    C
  • 4
    H
  • 19
    M
  • 3
    L
5.0b2 14 May, 2015
  • 0
    C
  • 4
    H
  • 19
    M
  • 3
    L
5.0b1 27 Mar, 2015
  • 0
    C
  • 4
    H
  • 19
    M
  • 3
    L
5.0a3 1 Nov, 2014
  • 0
    C
  • 4
    H
  • 19
    M
  • 3
    L
5.0a2 20 Apr, 2014
  • 0
    C
  • 4
    H
  • 19
    M
  • 3
    L
5.0a1 3 Mar, 2014
  • 0
    C
  • 4
    H
  • 19
    M
  • 3
    L
4.3.20 19 Aug, 2020
  • 0
    C
  • 3
    H
  • 19
    M
  • 3
    L
4.3.19 9 Sep, 2019
  • 0
    C
  • 3
    H
  • 19
    M
  • 4
    L
4.3.18 29 May, 2018
  • 0
    C
  • 3
    H
  • 19
    M
  • 4
    L
4.3.17 8 Mar, 2018
  • 0
    C
  • 3
    H
  • 19
    M
  • 4
    L
4.3.16 9 Sep, 2017
  • 0
    C
  • 3
    H
  • 19
    M
  • 4
    L
4.3.15 3 Jul, 2017
  • 0
    C
  • 3
    H
  • 22
    M
  • 4
    L
4.3.14 3 Apr, 2017
  • 0
    C
  • 3
    H
  • 22
    M
  • 4
    L
4.3.13 16 Mar, 2017
  • 0
    C
  • 3
    H
  • 22
    M
  • 4
    L