Lucene search

K

My-blog Security Vulnerabilities

cve
cve

CVE-2024-33907

Missing Authorization vulnerability in Michael Nelson Print My Blog.This issue affects Print My Blog: from n/a through...

5.3CVSS

6.8AI Score

0.0004EPSS

2024-05-06 08:15 PM
27
cve
cve

CVE-2023-29636

Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default configuration not using...

5.4CVSS

5.3AI Score

0.001EPSS

2023-05-01 04:15 PM
15
cve
cve

CVE-2023-29639

Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default configuration not utilizing...

5.4CVSS

5.3AI Score

0.001EPSS

2023-05-01 04:15 PM
14
cve
cve

CVE-2023-1937

A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attack....

4.3CVSS

4.7AI Score

0.001EPSS

2023-04-07 09:15 AM
33
cve
cve

CVE-2023-27093

Cross Site Scripting vulnerability found in My-Blog allows attackers to cause a denial of service via the Post...

6.1CVSS

6.1AI Score

0.001EPSS

2023-03-13 03:15 PM
13
cve
cve

CVE-2021-24636

The Print My Blog WordPress Plugin before 3.4.2 does not enforce nonce (CSRF) checks, which allows attackers to make logged in administrators deactivate the Print My Blog plugin and delete all saved data for that plugin by tricking them to open a malicious...

8.1CVSS

8AI Score

0.001EPSS

2021-09-20 10:15 AM
20
cve
cve

CVE-2019-11565

Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress via the site...

9.8CVSS

9.5AI Score

0.005EPSS

2019-04-27 02:29 PM
28
cve
cve

CVE-2006-0735

Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML::BBCode 1.04 and earlier, as used in products such as My Blog before 1.65, allows remote attackers to inject arbitrary Javascript via a javascript URI in an (1) img or (2) url BBcode...

5.9AI Score

0.01EPSS

2006-02-16 11:02 AM
24