CVE-2024-1527 | Unrestricted Upload of File with Dangerous Type in CMS Made Simple
Unrestricted file upload vulnerability in CMS Made Simple, affecting version 2.2.14. This vulnerability allows an authenticated user to bypass the security measures of the upload functionality and potentially create a remote execution of commands via webshell.
Conclusion & alert: CVE-2024-1527 is rated Moderate Risk (59.5/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 0.92%).Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Exploit prediction scoring system (EPSS) score for CVE-2024-1527
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).