CVE-2025-48492 – GetSimple CMS Remote Code Execution (RCE) Vulnerability

CVE ID : CVE-2025-48492

Published : May 30, 2025, 7:15 a.m. | 44 minutes ago

Description : GetSimple CMS is a content management system. In versions starting from 3.3.16 to 3.3.21, an authenticated user with access to the Edit component can inject arbitrary PHP into a component file and execute it via a crafted query string, resulting in Remote Code Execution (RCE). This issue is set to be patched in version 3.3.22.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…