CVE-2025-64258 WordPress Follow My Blog Post plugin <= 2.3.9 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in wpweb Follow My Blog Post follow-my-blog-post allows Retrieve Embedded Sensitive Data.This issue affects Follow My Blog Post: from n/a through = 2.3.9...

CVE-2025-64258 WordPress Follow My Blog Post plugin <= 2.3.9 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in wpweb Follow My Blog Post follow-my-blog-post allows Retrieve Embedded Sensitive Data.This issue affects Follow My Blog Post: from n/a through = 2.3.9...

CVE-2025-64258

CVE-2025-64258 concerns the WordPress plugin Follow My Blog Post (versions

EUVD-2023-60199

Serendipity 2.4.0 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through blog entry creation. Attackers can craft entries with JavaScript payloads that will execute when other users view the compromised blog post...

PT-2025-52176

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in wpweb Follow My Blog Post follow-my-blog-post allows Retrieve Embedded Sensitive Data.This issue affects Follow My Blog Post: from n/a through = 2.3.9...

WordPress plugin Follow My Blog Post 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin Follow My Blog Post, whi...

CVE-2023-53932

Serendipity 2.4.0 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through blog entry creation. Attackers can craft entries with JavaScript payloads that will execute when other users view the compromised blog post...

CVE-2023-53932

Serendipity 2.4.0 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through blog entry creation. Attackers can craft entries with JavaScript payloads that will execute when other users view the compromised blog post...

CVE-2023-53932 Serendipity 2.4.0 Stored Cross-Site Scripting via Admin Entry Creation

Serendipity 2.4.0 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through blog entry creation. Attackers can craft entries with JavaScript payloads that will execute when other users view the compromised blog post...

CVE-2023-53932

CVE-2023-53932 affects Serendipity 2.4.0. The vulnerability is a stored cross-site scripting issue where an authenticated user can craft blog entries containing a JavaScript payload, which executes when other users view the post. The root cause is improper sanitization/handling of blog entry cont...

CVE-2023-53932 Serendipity 2.4.0 Stored Cross-Site Scripting via Admin Entry Creation

Serendipity 2.4.0 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through blog entry creation. Attackers can craft entries with JavaScript payloads that will execute when other users view the compromised blog post...

The Cybersecurity Side of AI Crypto Bots: What Users Need to Know

Many crypto investors remain sceptical about using AI in their trading. They are aware that the technology exists,…...

CVE-2025-65590

nopCommerce 4.90.0 is vulnerable to Cross Site Scripting XSS via the Blog posts functionality in the Content Management area...

CVE-2025-14801

A security vulnerability has been detected in xiweicheng TMS up to 2.28.0. This affects the function createComment of the file /admin/blog/comment/create. Such manipulation of the argument content leads to cross site scripting. The attack may be performed from remote. The exploit has been disclos...

EUVD-2025-203862

A security vulnerability has been detected in xiweicheng TMS up to 2.28.0. This affects the function createComment of the file /admin/blog/comment/create. Such manipulation of the argument content leads to cross site scripting. The attack may be performed from remote. The exploit has been disclos...

CVE-2025-14801 xiweicheng TMS create createComment cross site scripting

A security vulnerability has been detected in xiweicheng TMS up to 2.28.0. This affects the function createComment of the file /admin/blog/comment/create. Such manipulation of the argument content leads to cross site scripting. The attack may be performed from remote. The exploit has been disclos...

CVE-2025-14801 xiweicheng TMS create createComment cross site scripting

A security vulnerability has been detected in xiweicheng TMS up to 2.28.0. This affects the function createComment of the file /admin/blog/comment/create. Such manipulation of the argument content leads to cross site scripting. The attack may be performed from remote. The exploit has been disclos...

CVE-2025-14801

CVE-2025-14801 affects xiweicheng TMS up to 2.28.0, specifically the createComment function in /admin/blog/comment/create. The vulnerability arises from manipulation of the argument content, enabling cross-site scripting. Exploitation can be remote, and public PoC details exist. Multiple sources ...

TMS 代码注入漏洞

TMS is a channel-based team communication and collaboration + lightweight task dashboard by weicheng individual developers. A code injection vulnerability exists in TMS 2.28.0 and earlier versions, which stems from the incorrect operation of the parameter content in the file...

Serendipity 跨站脚本漏洞

Serendipity is a PHP-based blogging system from the Serendipity team. The system supports the creation of online journals, blogs, web pages, and more. A cross-site scripting vulnerability exists in Serendipity version 2.4.0, which originates from the fact that an authenticated user can inject...