Gh0Stgm

**Name of the Vulnerable Software and Affected Versions** Pagekit version 1.0.17 **Description** The issue concerns the Reset Password feature, which provides different responses based on whether a valid user account's email address is entered. This difference in response might facilitate account enumeration by attackers. **Recommendations** For Pagekit version 1.0.17, consider disabling the Reset Password feature until a patch is available to prevent potential account enumeration.

**Name of the Vulnerable Software and Affected Versions** GetSimple CMS version 3.3.15 **Description** The issue is related to Persistent Cross-Site Scripting (XSS) in the admin/theme-edit.php file. **Recommendations** For GetSimple CMS version 3.3.15, update to a newer version that contains a fix for this issue.