Chowdhury Faizal Ahammed

1 exploit Active since Dec 2025
CVE-2025-67436 WRITEUP MEDIUM WORKING POC
PluXml CMS 5.8.22 - Authenticated Remote Code Execution via Theme File Injection
Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php).
CVSS 6.5