CVE-2025-15223 Philipinho Simple-PHP-Blog login.php cross site scripting

A vulnerability was found in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5dfbc44c3edafa9811893d958. Impacted is an unknown function of the file /login.php. Performing manipulation of the argument Username results in cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2025-15223 Philipinho Simple-PHP-Blog login.php cross site scripting

A vulnerability was found in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5dfbc44c3edafa9811893d958. Impacted is an unknown function of the file /login.php. Performing manipulation of the argument Username results in cross site scripting. The attack is possible to be carried out remotely. The...

CVE-2025-15223

The CVE-2025-15223 issue affects Philipinho Simple-PHP-Blog, specifically in the file /login.php where manipulation of the Username parameter enables cross-site scripting. The vulnerability is exploitable remotely, with public exploits, and is associated with versions prior to the commit 94b5d3e5...

PT-2025-54269

Name of the Vulnerable Software and Affected Versions Philipinho Simple-PHP-Blog versions prior to 94b5d3e57308bce5dfbc44c3edafa9811893d958 Description A cross site scripting issue exists in Philipinho Simple-PHP-Blog. The issue is located in the /login.php file, specifically involving manipulati...

Simple-PHP-Blog 代码注入漏洞

Simple-PHP-Blog is a simple blogging system by the individual developer Philip Okugbe. A code injection vulnerability exists in Simple-PHP-Blog, which stems from an incorrect manipulation of the parameter Username in the file /login.php, which could lead to a cross-site scripting attack...

EUVD-2025-205711

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A WP Life Blog Filter blog-filter allows DOM-Based XSS.This issue affects Blog Filter: from n/a through = 1.7.3...

CVE-2025-69033

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A WP Life Blog Filter blog-filter allows DOM-Based XSS.This issue affects Blog Filter: from n/a through = 1.7.3...

CVE-2025-69033 WordPress Blog Filter plugin <= 1.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A WP Life Blog Filter blog-filter allows DOM-Based XSS.This issue affects Blog Filter: from n/a through = 1.7.3...

CVE-2025-69033 WordPress Blog Filter plugin <= 1.7.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A WP Life Blog Filter blog-filter allows DOM-Based XSS.This issue affects Blog Filter: from n/a through = 1.7.3...

CVE-2025-69033

CVE-2025-69033 describes a DOM-based XSS in the WordPress plugin Blog Filter (Post Filtering) that affects Blog Filter versions up to 1.7.3. Root cause: Improper input neutralization during web page generation. Impact per CVSS 3.1 (Network, Low/Low/Low, scope changed): Confidentiality, Integrity,...

PT-2025-53914

Name of the Vulnerable Software and Affected Versions Blog Filter versions through 1.7.3 Description The Blog Filter software contains a flaw related to improper input handling during web page generation, leading to a DOM-Based Cross-site Scripting XSS condition. This allows for potential malicio...

WordPress plugin Blog Filter 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Blog Filter plugin <= 1.7.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Blog Filter versions = 1.7.3...

GHSA-G9XM-7538-MQ8W

creationtimestamp| type| source ---|---|--- 2025-12-29 21:01:14+00:00| seen| https://github.blog/security/vulnerability-research/bugs-that-survive-the-heat-of-continuous-fuzzing/...

GHSA-38H4-FX85-QCX7

creationtimestamp| type| source ---|---|--- 2025-12-29 21:01:14+00:00| seen| https://github.blog/security/vulnerability-research/bugs-that-survive-the-heat-of-continuous-fuzzing/...

Ubisoft Shuts Down Rainbow Six Siege After MongoDB Exploit Hits Players

Over 87,000 MongoDB instances are at risk from a critical memory leak called MongoBleed. Following the chaos at Ubisoft, see how this zero-password flaw works and how to protect your data...

Exploit for CVE-2025-15495

CVE-2025-15495 - Arbitrary File Upload Leading to Remote Code...

The Worst Hacks of 2025

From university breaches to cyberattacks that shut down whole supply chains, these were the worst cybersecurity incidents of the year...

Everest Ransomware Group Claims Theft of Over 1TB of Chrysler Data

On December 25, while much of the world was observing Christmas, the Everest ransomware group published a new…...

Linux Distros Unpatched Vulnerability : CVE-2023-53952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dotclear 2.25.3 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files with .phar extension through th...