✅ Check your installed version
All known vulnerabilities
CRITICAL9.9CVE-2026-27591Winter vulnerable to privilege escalation by authenticated backend users >= 1.2.0, < 1.2.12
LOW3.3CVE-2023-52085Winter CMS Local File Inclusion through Server Side Template Injection from 0, < 1.2.4
LOW2.0CVE-2023-52084Winter CMS Stored XSS through Backend ColorPicker FormWidget from 0, < 1.2.4