Instantcms Vulnerabilities
Comprehensive security vulnerability database for Instantcms products
1
0
1
1
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-28281 | 7.1 | This vulnerability allows attackers to gain moderator privileges, execute tasks, delete posts, and accept friend requests on behalf of users without their consent. It occurs because the system fails to properly check security tokens, and it affects versions prior to 2.18.1, so upgrading is essential to protect against these risks. | instantcmsinstantcms | Exploit Available | 28 days agoMar 10, 2026 |
About Instantcms Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Instantcms products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.