Vulnerability Database
296,746
Total vulnerabilities in the database
CVE-2025-57811
You must have administrator access, and ALLOW_ADMIN_CHANGES must be enabled for this to work.
https://craftcms.com/knowledge-base/securing-craft#set-allowAdminChanges-to-false-in-production
Note: This is a follow-up to GHSA-f3cw-hg6r-chfv
Users should update to the patched versions (4.16.6 and 5.8.7) to mitigate the issue.
References: https://github.com/craftcms/cms/pull/17612
| Software | From | Fixed in |
|---|---|---|
craftcms / cms
|
4.0.0-RC1 | 4.16.6 |
|
craftcms / cms
|
5.0.0-RC1 | 5.8.7 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime