CVE-2026-58655 - Grav Flex Objects - Server-Side Template Injection via Dynamic Titles
CVE ID :CVE-2026-58655 Published : July 15, 2026, 12:18 p.m. | 16 minutes ago Description :The bundled Grav Flex Objects plugin (getgrav/grav-plugin-flex-objects) before 1.4.0 contains a stored server-side template injection vulnerability. When rendering dynamic collection or object titles,...