Unrated severityNVD Advisory· Published Dec 17, 2025· Updated Apr 7, 2026

PHPJabbers Simple CMS 5.0 Stored Cross-Site Scripting via Section Creation

CVE-2023-53927

Description

PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through section name parameters. Attackers can create sections with embedded JavaScript payloads that will execute when administrators view the sections, potentially enabling client-side code execution.

Affected products

Simple Cms/Simple CMSllm-fuzzy
Range: = 5.0
PHPJabbers/Simple CMSv5
Range: 5.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/51415mitreexploit
www.vulncheck.com/advisories/phpjabbers-simple-cms-stored-cross-site-scripting-via-section-creationmitrethird-party-advisory
www.phpjabbers.commitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000