CVE-2025-31082

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in InfornWeb News & Blog Designer Pack blog-designer-pack allows PHP Local File Inclusion.This issue affects News & Blog Designer Pack: from n/a through = 4.0...

CVE-2025-31740

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aThemeArt News, Magazine and Blog Elements news-magazine-and-blog-elements allows Stored XSS.This issue affects News, Magazine and Blog Elements: from n/a through = 1.3...

Cloud for the Streaming Era: Introducing Accelerated Compute

...

WordPress Glossy Blog theme <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Glossy Blog versions = 1.0.3...

CVE-2025-31606

Missing Authorization vulnerability in softpulseinfotech SP Blog Designer sp-blog-designer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SP Blog Designer: from n/a through = 1.0.0...

CVE-2025-31103

Untrusted data deserialization vulnerability exists in a-blog cms. Processing a specially crafted request may store arbitrary files on the server where the product is running. This can be leveraged to execute an arbitrary script on the server...

CVE-2025-3074

creationtimestamp| type| source ---|---|--- 2025-04-02 03:01:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3llsfj27thy24 2025-04-02 04:07:03+00:00| seen| https://t.me/cvedetector/21835 2025-04-04 00:14:47+00:00| seen|...

CVE-2025-3066

creationtimestamp| type| source ---|---|--- 2025-04-02 03:01:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3llsfiyxem627 2025-04-02 04:07:09+00:00| seen| https://t.me/cvedetector/21839 2025-04-02 05:51:40+00:00| seen|...

WordPress Glossy Blog Theme <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Glossy Blog Type Theme Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-26934 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b4d593ddb83f Credits stealthcopter Required privilege...

CVE-2025-31082

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in InfornWeb News & Blog Designer Pack blog-designer-pack allows PHP Local File Inclusion.This issue affects News & Blog Designer Pack: from n/a through = 4.0...

CVE-2025-31766

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PhotoShelter PhotoShelter for Photographers Blog Feed Plugin photoshelter-official-plugin allows Stored XSS.This issue affects PhotoShelter for Photographers Blog Feed Plugin: from n/a through =...

CVE-2025-31740

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aThemeArt News, Magazine and Blog Elements news-magazine-and-blog-elements allows Stored XSS.This issue affects News, Magazine and Blog Elements: from n/a through = 1.3...

PT-2025-14153 · WordPress · Photoshelter For Photographers Blog Feed Plugin

Name of the Vulnerable Software and Affected Versions: PhotoShelter for Photographers Blog Feed Plugin versions 1.5.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attack...

WordPress plugin PhotoShelter for Photographers Blog Feed Plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin News, Magazine and Blog Elements 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress SP Blog Designer plugin <= 1.0.0 - Arbitrary Shortcode Execution vulnerability

Arbitrary Shortcode Execution vulnerability discovered by theviper17 in WordPress Plugin SP Blog Designer versions = 1.0.0...

CVE-2025-31606

Missing Authorization vulnerability in softpulseinfotech SP Blog Designer sp-blog-designer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SP Blog Designer: from n/a through = 1.0.0...

CVE-2025-31606

CVE-2025-31606 affects the WordPress plugin SP Blog Designer. The vulnerability is a Missing Authorization issue allowing unauthenticated users to perform arbitrary shortcode execution, with affected versions from unknown through 1.0.0. CVSSv3.1 base score is 4.8 (LOW–MEDIUM) and the attack is ne...

CVE-2025-31103

Untrusted data deserialization vulnerability exists in a-blog cms. Processing a specially crafted request may store arbitrary files on the server where the product is running. This can be leveraged to execute an arbitrary script on the server...

CVE-2025-31103

Untrusted data deserialization vulnerability exists in a-blog cms. Processing a specially crafted request may store arbitrary files on the server where the product is running. This can be leveraged to execute an arbitrary script on the server...