CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Processwire: >> Processwire >> 3.0.165 Security Vulnerabilities

CVE-2025-60790

ProcessWire CMS 3.0.246 allows a low-privileged user with lang-edit to upload a crafted ZIP to Language Support that is auto-extracted without limits prior to validation, enabling resource-exhaustion Denial of Service.

CVSS Score

6.5

EPSS Score

0.0

Published

2025-10-21

Page 1

Vulnerabilities

Vulnerable Software

Processwire: >> Processwire >> 3.0.165 Security Vulnerabilities

Products

Pricing

Contact Us