7703 matches found
CVE-2025-6353
A vulnerability classified as problematic was found in code-projects Responsive Blog 1.0. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation of the argument keyword leads to cross site scripting. The attack can be launched remotely. The exploit ha...
CVE-2025-49970
Missing Authorization vulnerability in sparklewpthemes Hello FSE Blog hello-fse-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hello FSE Blog: from n/a through = 1.0.6...
Cross-Site Scripting (XSS)
Mezzanine CMS is vulnerable to Stored Cross-Site Scripting XSS. The vulnerability is due to improper input sanitization in the displayablelinksjs function, allowing attackers to inject malicious JavaScript into blog post titles that executes in another admin's browser...
CVE-2025-6353
A vulnerability classified as problematic was found in code-projects Responsive Blog 1.0. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation of the argument keyword leads to cross site scripting. The attack can be launched remotely. The exploit ha...
CVE-2025-6353
A vulnerability classified as problematic was found in code-projects Responsive Blog 1.0. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation of the argument keyword leads to cross site scripting. The attack can be launched remotely. The exploit ha...
CVE-2025-6353 code-projects Responsive Blog search.php cross site scripting
A vulnerability classified as problematic was found in code-projects Responsive Blog 1.0. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation of the argument keyword leads to cross site scripting. The attack can be launched remotely. The exploit ha...
CVE-2025-6353 code-projects Responsive Blog search.php cross site scripting
A vulnerability classified as problematic was found in code-projects Responsive Blog 1.0. Affected by this vulnerability is an unknown functionality of the file /search.php. The manipulation of the argument keyword leads to cross site scripting. The attack can be launched remotely. The exploit ha...
CVE-2025-6353
CVE-2025-6353 affects code-projects Responsive Blog 1.0. Affected component: the /search.php function where manipulating the keyword/argument parameter leads to cross-site scripting. Exploitation is remote and has been publicly disclosed; multiple sources corroborate a code path enabling XSS. The...
CVE-2025-6347
A vulnerability was found in code-projects Responsive Blog 1.0/1.12.4/3.3.4. It has been declared as problematic. This vulnerability affects unknown code of the file /responsive/resblog/blogadmin/admin/pageViewMembers.php. The manipulation leads to cross site scripting. The attack can be initiate...
CVE-2025-6347
A vulnerability was found in code-projects Responsive Blog 1.0/1.12.4/3.3.4. It has been declared as problematic. This vulnerability affects unknown code of the file /responsive/resblog/blogadmin/admin/pageViewMembers.php. The manipulation leads to cross site scripting. The attack can be initiate...
CVE-2025-6347 code-projects Responsive Blog pageViewMembers.php cross site scripting
A vulnerability was found in code-projects Responsive Blog 1.0/1.12.4/3.3.4. It has been declared as problematic. This vulnerability affects unknown code of the file /responsive/resblog/blogadmin/admin/pageViewMembers.php. The manipulation leads to cross site scripting. The attack can be initiate...
CVE-2025-6347
CVE-2025-6347 affects code-projects Responsive Blog (versions 1.0, 1.12.4, 3.3.4). The vulnerability is a cross-site scripting flaw in /responsive/resblog/blogadmin/admin/pageViewMembers.php, with remote exploitation and publicly disclosed exploits. Multiple sources in the provided documents corr...
CVE-2025-6347 code-projects Responsive Blog pageViewMembers.php cross site scripting
A vulnerability was found in code-projects Responsive Blog 1.0/1.12.4/3.3.4. It has been declared as problematic. This vulnerability affects unknown code of the file /responsive/resblog/blogadmin/admin/pageViewMembers.php. The manipulation leads to cross site scripting. The attack can be initiate...
CVE-2025-49970
Missing Authorization vulnerability in sparklewpthemes Hello FSE Blog hello-fse-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hello FSE Blog: from n/a through = 1.0.6...
CVE-2025-49970
CVE-2025-49970 — WordPress Hello FSE Blog theme
CVE-2025-49970 WordPress Hello FSE Blog theme <= 1.0.6 - Broken Access Control Vulnerability
Missing Authorization vulnerability in sparklewpthemes Hello FSE Blog hello-fse-blog allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hello FSE Blog: from n/a through = 1.0.6...
WordPress plugin Hello FSE Blog Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
Code-Projects Responsive Blog 代码注入漏洞
Code-Projects Responsive Blog is an open source responsive blog by Code-Projects. A code injection vulnerability exists in Code-Projects Responsive Blog version 1.0, which stems from cross-site scripting due to incorrect manipulation of the parameter keyword in the file /search.php...
Code-Projects Responsive Blog 代码注入漏洞
Code-Projects Responsive Blog is an open source responsive blog by Code-Projects. A code injection vulnerability exists in Code-Projects Responsive Blog version 1.0/1.12.4/3.3.4, which originates from a cross-site scripting error in file /responsive/resblog/blogadmin/admin/pageViewMembers.php...
PT-2025-26338 · Unknown · Hello Fse Blog
Name of the Vulnerable Software and Affected Versions: Hello FSE Blog versions 1.0.0 through 1.0.6 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For Hello FSE Blog version...