Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-70129

If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. The details of captcha challenge are exposed within document body of articles with comments & anti spam-captcha functionalities enabled, including "capcha-letter", "capcha-word" and "capcha-token" which can be used to construct a valid post request to publish a comment. As such, attackers can flood articles with automated spam comments, especially if there are no other web defenses available.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.8%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2025-70129
  • Pluxml » Pluxml » Version: 0.3.1
    cpe:2.3:a:pluxml:pluxml:0.3.1
  • Pluxml » Pluxml » Version: 5.1.5
    cpe:2.3:a:pluxml:pluxml:5.1.5
  • Pluxml » Pluxml » Version: 5.1.6
    cpe:2.3:a:pluxml:pluxml:5.1.6
  • Pluxml » Pluxml » Version: 5.1.7
    cpe:2.3:a:pluxml:pluxml:5.1.7
  • Pluxml » Pluxml » Version: 5.2
    cpe:2.3:a:pluxml:pluxml:5.2
  • Pluxml » Pluxml » Version: 5.3
    cpe:2.3:a:pluxml:pluxml:5.3
  • Pluxml » Pluxml » Version: 5.3.1
    cpe:2.3:a:pluxml:pluxml:5.3.1
  • Pluxml » Pluxml » Version: 5.4
    cpe:2.3:a:pluxml:pluxml:5.4
  • Pluxml » Pluxml » Version: 5.5
    cpe:2.3:a:pluxml:pluxml:5.5
  • Pluxml » Pluxml » Version: 5.6
    cpe:2.3:a:pluxml:pluxml:5.6
  • Pluxml » Pluxml » Version: 5.7
    cpe:2.3:a:pluxml:pluxml:5.7
  • Pluxml » Pluxml » Version: 5.8
    cpe:2.3:a:pluxml:pluxml:5.8
  • Pluxml » Pluxml » Version: 5.8.1
    cpe:2.3:a:pluxml:pluxml:5.8.1
  • Pluxml » Pluxml » Version: 5.8.10
    cpe:2.3:a:pluxml:pluxml:5.8.10
  • Pluxml » Pluxml » Version: 5.8.11
    cpe:2.3:a:pluxml:pluxml:5.8.11
  • Pluxml » Pluxml » Version: 5.8.12
    cpe:2.3:a:pluxml:pluxml:5.8.12
  • Pluxml » Pluxml » Version: 5.8.13
    cpe:2.3:a:pluxml:pluxml:5.8.13
  • Pluxml » Pluxml » Version: 5.8.14
    cpe:2.3:a:pluxml:pluxml:5.8.14
  • Pluxml » Pluxml » Version: 5.8.15
    cpe:2.3:a:pluxml:pluxml:5.8.15
  • Pluxml » Pluxml » Version: 5.8.16
    cpe:2.3:a:pluxml:pluxml:5.8.16
  • Pluxml » Pluxml » Version: 5.8.17
    cpe:2.3:a:pluxml:pluxml:5.8.17
  • Pluxml » Pluxml » Version: 5.8.18
    cpe:2.3:a:pluxml:pluxml:5.8.18
  • Pluxml » Pluxml » Version: 5.8.19
    cpe:2.3:a:pluxml:pluxml:5.8.19
  • Pluxml » Pluxml » Version: 5.8.2
    cpe:2.3:a:pluxml:pluxml:5.8.2
  • Pluxml » Pluxml » Version: 5.8.20
    cpe:2.3:a:pluxml:pluxml:5.8.20
  • Pluxml » Pluxml » Version: 5.8.21
    cpe:2.3:a:pluxml:pluxml:5.8.21
  • Pluxml » Pluxml » Version: 5.8.22
    cpe:2.3:a:pluxml:pluxml:5.8.22
  • Pluxml » Pluxml » Version: 5.8.3
    cpe:2.3:a:pluxml:pluxml:5.8.3
  • Pluxml » Pluxml » Version: 5.8.4
    cpe:2.3:a:pluxml:pluxml:5.8.4
  • Pluxml » Pluxml » Version: 5.8.5
    cpe:2.3:a:pluxml:pluxml:5.8.5
  • Pluxml » Pluxml » Version: 5.8.6
    cpe:2.3:a:pluxml:pluxml:5.8.6
  • Pluxml » Pluxml » Version: 5.8.7
    cpe:2.3:a:pluxml:pluxml:5.8.7
  • Pluxml » Pluxml » Version: 5.8.8
    cpe:2.3:a:pluxml:pluxml:5.8.8
  • Pluxml » Pluxml » Version: 5.8.9
    cpe:2.3:a:pluxml:pluxml:5.8.9


Products
Pricing
Contact Us

Shodan ® - All rights reserved