Unrated severityNVD Advisory· Published Feb 19, 2026· Updated Mar 5, 2026

SPIP Saisies Plugin < 5.11.1 Remote Code Execution

CVE-2025-71243

Description

The 'Saisies pour formulaire' (Saisies) plugin for SPIP versions 5.4.0 through 5.11.0 contains a critical Remote Code Execution (RCE) vulnerability. An attacker can exploit this vulnerability to execute arbitrary code on the server. Users should immediately update to version 5.11.1 or later.

Affected products

Saisies/Saisiesllm-create
Range: >=5.4.0 <=5.11.0
SPIP/Saisies pour formulairev5
Range: 5.4.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blog.spip.net/Mise-a-jour-critique-de-securite-pour-le-plugin-Saisies.htmlmitrevendor-advisorypatch
www.vulncheck.com/advisories/spip-saisies-plugin-remote-code-executionmitrethird-party-advisory
plugins.spip.net/saisiesmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.068
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000