When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.

Being added to KEV means that CISA has evidence someone is abusing the flaw in real-life attacks.

The deadline to patch the CMS is March 13, 2025.

A close-up of an interent search bar with �http://ww� visible

Admins should look for versions 5.5.8 and 4.13.8.

Craft CMS is a content management system designed for developers and content creators.

There are many ways in which cybercriminals can abuse flawed content management systems.

They can serve them malicious ads or, in more extreme cases, drop malware to their computers.