Packagist (Composer) package
getgrav/grav-plugin-api
pkg:composer/getgrav/grav-plugin-api
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-42843 | Hig | 8.8 | < 1.0.0-beta.15 | 1.0.0-beta.15 | May 11, 2026 | Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Prior to 1.0.0-beta.15, an insecure direct object reference and logic flaw in the Grav API plugin (UsersController::update) |
- affected < 1.0.0-beta.15fixed 1.0.0-beta.15
Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Prior to 1.0.0-beta.15, an insecure direct object reference and logic flaw in the Grav API plugin (UsersController::update)