Browse all 9 CVE security advisories affecting MaxSite. AI-powered Chinese analysis, POCs, and references for each vulnerability.
MaxSite is a content management system designed for creating and managing websites with a focus on simplicity and extensibility. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The platform's modular architecture has contributed to consistent security challenges, with nine CVEs documented to date. While no major public security incidents have been widely reported, the pattern of vulnerabilities suggests potential risks for unpatched installations, particularly in environments where default configurations or outdated versions remain in use.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-7016 | MaxSite CMS ushki Plugin cross site scripting — CMSCWE-79 | 2.4 | Low | 2026-04-26 |
| CVE-2026-7015 | MaxSite CMS Guestbook Plugin cross site scripting — CMSCWE-79 | 2.4 | Low | 2026-04-26 |
| CVE-2026-7014 | MaxSite CMS down_count Plugin cross site scripting — CMSCWE-79 | 2.4 | Low | 2026-04-26 |
| CVE-2026-7013 | MaxSite CMS mail_send Plugin cross site scripting — CMSCWE-79 | 2.4 | Low | 2026-04-26 |
| CVE-2026-7012 | MaxSite CMS Redirect Plugin cross site scripting — CMSCWE-79 | 2.4 | Low | 2026-04-26 |
| CVE-2026-7011 | MaxSite CMS Antispam Plugin plugin_antispam cross site scripting — CMSCWE-79 | 2.4 | Low | 2026-04-26 |
| CVE-2026-3395 | MaxSite CMS MarkItUp Preview AJAX Endpoint preview-ajax.php eval code injection — CMSCWE-94 | 7.3 | High | 2026-03-01 |
| CVE-2025-12347 | MaxSite CMS save-file-ajax.php unrestricted upload — CMSCWE-434 | 6.3 | Medium | 2025-10-28 |
| CVE-2025-12346 | MaxSite CMS HTTP Header uploads-require-maxsite.php unrestricted upload — CMSCWE-434 | 6.3 | Medium | 2025-10-28 |
This page lists every published CVE security advisory associated with MaxSite. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.