simplemachines
Security Risk Profile
35
/100
lowSecurity Risk Score
Comprehensive risk assessment based on 31 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from September 6, 2006 to present
31
Total CVEs
16
Critical+High
0
Exploited
10
Unpatched
Threat Assessment
Avg CVSS
7
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
10
Critical/High
Risk Level
35/100
low
Severity Distribution
Critical
5High
11Medium
14Low
1Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
4Age Distribution
Common Weaknesses (CWE)
1
XSS
6
2
Code Injection
6
3
Input Validation
5
4
SQL Injection
4
5
Infoleak
2
Most Affected Products
1. SimpleMachines Smf370
2. SimpleMachines Simple Machines Forum261
3. IBM Security Guardium3
4. SimpleMachines Simple Machine Forum2
5. Simple Machines Simple Machines Forum1
Recent Vulnerabilities
See more →CVE-2025-67163
CVSS 6.1medium
12/18/2025🔧 No Patch
CVE-2025-2583
CVSS 6.1EPSS 0%medium
SimpleMachines SMF ManageNews.php cross site scripting
3/21/2025🔧 No Patch
CVE-2025-2582
CVSS 5.4EPSS 0%medium
SimpleMachines SMF ManageAttachments.php cross site scripting
3/21/2025🔧 No Patch
CVE-2024-7438
CVSS 5.3EPSS 0%medium
SimpleMachines SMF User Alert Read Status index.php resource injection
8/3/2024🔧 No Patch
CVE-2024-7437
CVSS 5.5EPSS 0%medium
SimpleMachines SMF Delete User index.php resource injection
8/3/2024🔧 No Patch
CVE-2022-26982
CVSS 7.2high
4/5/2022🔧 No Patch
CVE-2019-11574
CVSS 9.8critical
3/20/2020🔧 No Patch
CVE-2013-4395
CVSS 6.1medium
2/12/2020🔧 No Patch
CVE-2013-0192
CVSS 4.9medium
2/7/2020🔧 No Patch
CVE-2019-12490
CVSS 6.5medium
1/22/2020🔧 No Patch
Monitor simplemachines in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.