Description CMS Made Simple 2.2.1 Local File Inclusion Remediation Update to CMS Made Simple 2.2.2 or later. References http://www.cmsmadesimple.org/2017/07/Announcing-CMSMS-2.2.2-Hearts-Content Related Vulnerabilities WordPress Plugin BJ Lazy Load Remote Code Execution (0.7.5) WordPress Plugin SG Optimizer Local File Inclusion (5.0.12) XWikiplatform Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-37900) WordPress Plugin Gwolle Guestbook Remote File Inclusion (1.5.3) vBulletin 5.6.1 nodeId SQL injection Severity Medium Classification CWE-94 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N Tags File Inclusion