Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

plone

About This Vendor

plone is a technology vendor producing software and infrastructure products. As a software provider, plone's broad product portfolio across multiple domains—including operating systems, cloud infrastructure, enterprise applications, databases, networking, and security tools—creates a large attack surface. Additionally, long support cycles, widespread deployment, and continuous feature development contribute to the accumulation of discovered vulnerabilities over time. Major vendors typically report higher CVE counts not necessarily due to inferior security, but because of greater exposure to security research, responsible disclosure practices, and the sheer complexity of maintaining multiple product lines and legacy systems. Regular security assessments and patching of plone's products are critical for organizations running their software in production environments.

Vulnerability Trends for This Vendor

SecUtils has indexed 116 known vulnerabilities from plone. This includes 4 critical-severity issues and 24 high-severity issues that represent significant risk. These vulnerabilities affect 16 distinct products across plone's portfolio, demonstrating the breadth of the vendor's product ecosystem and the importance of comprehensive patch management strategies. Disclosure dates span from 2006 through 2026, indicating decades of continuous security attention and research. Organizations deploying plone products should maintain active vulnerability monitoring, prioritize critical patches, and implement compensating controls where patches cannot be applied immediately.

ID	Date Published	Last Modified	Severity (CVSSv3)	Severity (CVSSv2)	Exploit Available
CVE-2006-1711	2006-04-11	2025-04-03	-	5.0	Likely
CVE-2006-4247	2006-09-29	2025-04-09	-	6.4	Likely
CVE-2006-4249	2006-12-07	2025-04-09	-	4.3	Likely
CVE-2007-5741	2007-11-07	2025-04-09	-	7.5	Likely
CVE-2008-0164	2008-03-20	2025-04-09	-	4.3	Likely
CVE-2008-1393	2008-03-20	2025-04-09	-	10.0	Likely
CVE-2008-1394	2008-03-20	2025-04-09	-	7.5	Likely
CVE-2008-1395	2008-03-20	2025-04-09	-	7.5	Likely
CVE-2008-1396	2008-03-20	2025-04-09	-	4.3	Likely
CVE-2008-4571	2008-10-15	2025-04-09	-	4.3	Likely
CVE-2009-0662	2009-04-23	2025-04-09	-	6.0	Unknown
CVE-2010-2422	2010-06-24	2025-04-11	-	4.3	Likely
CVE-2011-0720	2011-02-03	2025-04-11	-	7.5	Likely
CVE-2011-1948	2011-06-06	2025-04-11	-	4.3	Likely
CVE-2011-1949	2011-06-06	2025-04-11	-	3.5	Unknown
CVE-2011-1950	2011-06-06	2025-04-11	-	5.5	Likely
CVE-2011-2528	2011-07-19	2025-04-11	-	7.5	Likely
CVE-2011-1340	2011-08-05	2025-04-11	-	4.3	Likely
CVE-2011-3587	2011-10-10	2025-04-11	-	9.3	Likely
CVE-2011-4030	2011-10-10	2025-04-11	-	9.3	Likely
CVE-2011-4462	2011-12-30	2025-04-11	-	5.0	Likely
CVE-2013-4200	2014-01-21	2025-04-11	-	5.8	Likely
CVE-2013-4188	2014-03-11	2025-04-12	-	4.3	Likely
CVE-2013-4189	2014-03-11	2025-04-12	-	6.5	Likely
CVE-2013-4190	2014-03-11	2025-04-12	-	4.3	Likely
CVE-2013-4191	2014-03-11	2025-04-12	-	5.8	Likely
CVE-2013-4192	2014-03-11	2025-04-12	-	4.0	Likely
CVE-2013-4193	2014-03-11	2025-04-12	-	4.3	Likely
CVE-2013-4194	2014-03-11	2025-04-12	-	4.3	Likely
CVE-2013-4195	2014-03-11	2025-04-12	-	5.8	Likely
CVE-2013-4196	2014-03-11	2025-04-12	-	5.0	Likely
CVE-2013-4197	2014-03-11	2025-04-12	-	5.5	Likely
CVE-2013-4198	2014-03-11	2025-04-12	-	4.0	Likely
CVE-2013-4199	2014-03-11	2025-04-12	-	3.5	Unknown
CVE-2013-7060	2014-05-02	2025-04-12	-	5.0	Likely
CVE-2013-7061	2014-05-02	2025-04-12	-	5.5	Likely
CVE-2012-5485	2014-09-30	2025-04-12	-	6.8	Likely
CVE-2012-5486	2014-09-30	2025-04-12	-	6.4	Likely
CVE-2012-5487	2014-09-30	2025-04-12	-	8.5	Unknown
CVE-2012-5488	2014-09-30	2025-04-12	-	5.0	Likely
CVE-2012-5489	2014-09-30	2025-04-12	-	6.5	Likely
CVE-2012-5490	2014-09-30	2025-04-12	-	4.3	Likely
CVE-2012-5491	2014-09-30	2025-04-12	-	4.3	Likely
CVE-2012-5492	2014-09-30	2025-04-12	-	5.0	Likely
CVE-2012-5493	2014-09-30	2025-04-12	-	8.5	Unknown
CVE-2012-5494	2014-09-30	2025-04-12	-	4.3	Likely
CVE-2012-5495	2014-09-30	2025-04-12	-	5.0	Likely
CVE-2012-5496	2014-09-30	2025-04-12	-	5.0	Likely
CVE-2012-5497	2014-09-30	2025-04-12	-	5.0	Likely
CVE-2012-5498	2014-09-30	2025-04-12	-	5.0	Likely
CVE-2012-5499	2014-09-30	2025-04-12	-	5.0	Likely
CVE-2012-5501	2014-09-30	2025-04-12	-	5.0	Likely
CVE-2012-5502	2014-09-30	2025-04-12	-	3.5	Unknown
CVE-2012-5503	2014-09-30	2025-04-12	-	5.0	Likely
CVE-2012-5504	2014-09-30	2025-04-12	-	4.3	Likely
CVE-2012-5505	2014-09-30	2025-04-12	-	5.0	Likely
CVE-2012-5506	2014-09-30	2025-04-12	-	5.0	Likely
CVE-2012-5507	2014-09-30	2025-04-12	-	4.3	Likely
CVE-2012-5500	2014-11-03	2025-04-12	-	4.3	Likely
CVE-2012-5508	2014-11-03	2025-04-12	-	5.0	Likely
CVE-2012-6661	2014-11-03	2025-04-12	-	5.0	Likely
CVE-2016-7147	2017-02-04	2025-04-20	6.1	4.3	Likely
CVE-2016-4041	2017-02-24	2025-04-20	7.3	7.5	Likely
CVE-2016-4042	2017-02-24	2025-04-20	5.3	5.0	Likely
CVE-2016-4043	2017-02-24	2025-04-20	4.9	3.5	Unknown
CVE-2016-7135	2017-03-07	2025-04-20	4.9	4.0	Likely
CVE-2016-7136	2017-03-07	2025-04-20	6.1	4.3	Likely
CVE-2016-7137	2017-03-07	2025-04-20	6.1	5.8	Likely
CVE-2016-7138	2017-03-07	2025-04-20	6.1	4.3	Likely
CVE-2016-7139	2017-03-07	2025-04-20	6.1	4.3	Likely
CVE-2016-7140	2017-03-07	2025-04-20	6.1	4.3	Likely
CVE-2017-5524	2017-03-23	2025-04-20	4.3	4.0	Likely
CVE-2015-7315	2017-09-25	2025-04-20	5.9	4.3	Likely
CVE-2015-7316	2017-09-25	2025-04-20	6.1	4.3	Likely
CVE-2015-7317	2017-09-25	2025-04-20	6.8	4.9	Unknown
CVE-2015-7318	2017-09-25	2025-04-20	7.5	5.0	Likely
CVE-2015-7293	2017-09-25	2025-04-20	8.8	6.8	Likely
CVE-2017-1000481	2018-01-03	2024-11-21	6.1	5.8	Likely
CVE-2017-1000482	2018-01-03	2024-11-21	5.4	3.5	Unknown
CVE-2017-1000483	2018-01-03	2024-11-21	6.5	4.0	Likely
CVE-2017-1000484	2018-01-03	2024-11-21	6.1	5.8	Likely
CVE-2013-7062	2020-01-02	2024-11-21	6.1	4.3	Likely
CVE-2020-7936	2020-01-23	2024-11-21	6.1	5.8	Likely
CVE-2020-7937	2020-01-23	2024-11-21	5.4	3.5	Unknown
CVE-2020-7938	2020-01-23	2024-11-21	8.8	6.5	Likely
CVE-2020-7939	2020-01-23	2024-11-21	8.8	6.5	Likely
CVE-2020-7940	2020-01-23	2024-11-21	7.5	5.0	Likely
CVE-2020-7941	2020-01-23	2024-11-21	9.8	7.5	Likely
CVE-2020-35190	2020-12-17	2024-11-21	9.8	10.0	Likely
CVE-2020-28734	2020-12-30	2024-11-21	8.8	6.5	Likely
CVE-2020-28735	2020-12-30	2024-11-21	8.8	6.5	Likely
CVE-2020-28736	2020-12-30	2024-11-21	8.8	6.5	Likely
CVE-2021-21336	2021-03-08	2024-11-21	6.5	4.0	Likely
CVE-2021-29002	2021-03-24	2024-11-21	5.4	3.5	Unknown
CVE-2021-3313	2021-05-20	2024-11-21	5.4	3.5	Unknown
CVE-2021-32633	2021-05-21	2024-11-21	6.8	6.5	Likely
CVE-2021-33507	2021-05-21	2024-11-21	6.1	4.3	Likely
CVE-2021-33508	2021-05-21	2024-11-21	5.4	3.5	Unknown
CVE-2021-33509	2021-05-21	2024-11-21	9.9	8.5	Unknown
CVE-2021-33510	2021-05-21	2024-11-21	4.3	4.0	Likely
CVE-2021-33511	2021-05-21	2024-11-21	7.5	5.0	Likely
CVE-2021-33512	2021-05-21	2024-11-21	5.4	3.5	Unknown
CVE-2021-33513	2021-05-21	2024-11-21	5.4	3.5	Unknown
CVE-2021-35959	2021-06-30	2024-11-21	5.4	3.5	Unknown
CVE-2021-32806	2021-08-02	2024-11-21	6.5	5.8	Likely
CVE-2022-23599	2022-01-28	2025-05-05	4.3	2.6	Unknown
CVE-2022-24740	2022-03-14	2024-11-21	5.0	6.0	Unknown
CVE-2021-33926	2023-02-17	2025-03-19	8.8	-	-
CVE-2023-41048	2023-09-21	2024-11-21	3.7	-	-
CVE-2023-42457	2023-09-21	2025-02-13	7.5	-	-
CVE-2024-0669	2024-01-18	2024-11-21	6.3	-	-
CVE-2024-23055	2024-01-25	2025-06-17	6.1	-	-
CVE-2024-23054	2024-02-05	2024-11-21	9.8	-	-
CVE-2024-23756	2024-02-08	2025-05-15	7.5	-	-
CVE-2024-22889	2024-03-06	2025-01-21	7.5	-	-
CVE-2026-28413	2026-03-05	2026-03-17	5.3	-	-

How SecUtils Normalizes Vendor Data

SecUtils aggregates National Vulnerability Database (NVD) and MITRE records for plone by normalizing vendor identifiers across diverse data sources, mapping vendor names to their associated product lines, and collecting all known vulnerabilities under a unified vendor context. For every CVE associated with plone's products, we extract and structure Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) categories, CVSS severity metrics, and reference links to enable rapid vulnerability identification and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and vendor vulnerability tracking.