7698 matches found
WordPress WP Blog and Widget plugin <= 2.6.6 - Backdoor vulnerability
Backdoor vulnerability discovered by ? in WordPress Plugin WP Blog and Widget versions = 2.6.6...
WordPress Blog Designer - Post and Widget plugin <= 2.7.7 - Backdoor vulnerability
WordPress Blog Designer - Post and Widget plugin = 2.7.7 - Backdoor vulnerability discovered by ? in WordPress Plugin Blog Designer - Post and Widget versions = 2.7.7...
EUVD-2026-22069
A security flaw has been discovered in code-projects Easy Blog Site 1.0. This affects an unknown function of the file post.php. Performing a manipulation of the argument tags results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be use...
CVE-2026-6202
A security flaw has been discovered in code-projects Easy Blog Site 1.0. This affects an unknown function of the file post.php. Performing a manipulation of the argument tags results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be use...
CVE-2026-6202 code-projects Easy Blog Site post.php sql injection
A security flaw has been discovered in code-projects Easy Blog Site 1.0. This affects an unknown function of the file post.php. Performing a manipulation of the argument tags results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be use...
CVE-2026-6202 code-projects Easy Blog Site post.php sql injection
A security flaw has been discovered in code-projects Easy Blog Site 1.0. This affects an unknown function of the file post.php. Performing a manipulation of the argument tags results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be use...
CVE-2026-6202
The vulnerability CVE-2026-6202 affects code-projects Easy Blog Site 1.0. It targets the file post.php, where manipulation of the tags argument leads to a SQL injection via an unknown function. The attack can be initiated remotely, and the exploit has been released publicly. No remediation detail...
CVE-2026-6202
A security flaw has been discovered in code-projects Easy Blog Site 1.0. This affects an unknown function of the file post.php. Performing a manipulation of the argument tags results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be use...
CVE-2026-40909
creationtimestamp| type| source ---|---|--- 2026-04-13 12:19:46+00:00| published-proof-of-concept| https://github.com/WWBN/AVideo/security/advisories/GHSA-6rc6-p838-686f 2026-04-21 21:27:33+00:00| published-proof-of-concept| Telegram/PLPaRbcJDaPiLP6CzuoYppan71AlFD-MBdwXLbLZgMJCSE 2026-04-23...
WordPress BuddyPress Groupblog plugin <= 1.9.3 - Authenticated (Subscriber+) Privilege Escalation to Administrator via Group Blog IDOR vulnerability
Authenticated Subscriber+ Privilege Escalation to Administrator via Group Blog IDOR vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin BuddyPress Groupblog versions = 1.9.3...
Code-Projects Easy Blog Site SQL注入漏洞
Code-Projects Easy Blog Site is an easy blog website developed by Code-Projects as open source. Version 1.0 of Code-Projects Easy Blog Site has a SQL injection vulnerability. This vulnerability stems from incorrect handling of parameters in the post.php file, which may lead to SQL injection attac...
📄 XWiki Blog Cross Site Scripting
XWiki Blog versions prior to 9.15.7 suffer from a persistent cross site scripting vulnerability via the blog post title. CVE-2025-66024: XWiki Blog Application home page vulnerable to Stored XSS via Post Title Overview | Field | Details | |---|---| | CVE ID | CVE-2025-66024 | | Severity | HIGH | ...
PT-2026-32507
A security flaw has been discovered in code-projects Easy Blog Site 1.0. This affects an unknown function of the file post.php. Performing a manipulation of the argument tags results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be use...
Exploit for CVE-2025-66024
CVE-2025-66024: XWiki Blog Application home page vulnerable to...
CVE-2018-25248
creationtimestamp| type| source ---|---|--- 2026-04-11 04:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mj6xkzjqmn2e...
CVE-2026-5144
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the groupblog-blogid, default-member, and groupblog-silent-add parameters from user input without proper...
EUVD-2026-21658
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the groupblog-blogid, default-member, and groupblog-silent-add parameters from user input without proper...
CVE-2026-5144 BuddyPress Groupblog <= 1.9.3 - Authenticated (Subscriber+) Privilege Escalation to Administrator via Group Blog IDOR
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the groupblog-blogid, default-member, and groupblog-silent-add parameters from user input without proper...
CVE-2026-5144
The CVE-2026-5144 entry describes a Privilege Escalation in the BuddyPress Groupblog WordPress plugin up to version 1.9.3. The root cause is that the group blog settings handler accepts groupblog-blogid, default-member, and groupblog-silent-add from user input without proper authorization checks,...
CVE-2026-39517
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A WP Life Blog Filter blog-filter allows DOM-Based XSS.This issue affects Blog Filter: from n/a through = 1.7.6...