Ghostwire

CVE-2026-38947: FluentCMS 1.2.3 is vulnerable to Cross Site Scripting (XSS) in TextHTML plugin.

UNKNOWN CVSS 0.0 Exploit Available

Published: May 5, 2026 | Last Modified: May 5, 2026

Description

FluentCMS 1.2.3 is vulnerable to Cross Site Scripting (XSS) in TextHTML plugin.

Ghostwire Analysis — What This Means Practically

Exploit code is reported to be available, increasing the likelihood of active exploitation.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

References

github.com/fluentcms/FluentCMS/issues/2405