My-blog Security Vulnerabilities
Missing Authorization vulnerability in Michael Nelson Print My Blog.This issue affects Print My Blog: from n/a through...
5.3CVSS
6.8AI Score
0.0004EPSS
Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using...
5.4CVSS
5.3AI Score
0.001EPSS
Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing...
5.4CVSS
5.3AI Score
0.001EPSS
A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attack....
4.3CVSS
4.7AI Score
0.001EPSS
Cross Site Scripting vulnerability found in My-Blog allows attackers to cause a denial of service via the Post...
6.1CVSS
6.1AI Score
0.001EPSS
The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious...
8.1CVSS
8AI Score
0.001EPSS
Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress via the site...
9.8CVSS
9.5AI Score
0.005EPSS
Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML::BBCode 1.04 and earlier, as used in products such as My Blog before 1.65, allows remote attackers to inject arbitrary Javascript via a javascript URI in an (1) img or (2) url BBcode...
5.9AI Score
0.01EPSS