PT-2023-27410 · WordPress · Simple Blog Card

Name of the Vulnerable Software and Affected Versions: Simple Blog Card WordPress plugin version 1.32 and earlier Description: The issue allows any authenticated user to retrieve arbitrary post titles and their content, including drafts, private posts, and password-protected ones, because the...

PT-2023-27407 · WordPress · Simple Blog Card

Name of the Vulnerable Software and Affected Versions: The Simple Blog Card WordPress plugin versions prior to 1.31 Description: The issue arises from the plugin's failure to validate and escape some of its shortcode attributes before outputting them back in a page or post where the shortcode is...

WordPress Simple Blog Card Plugin < 1.32 is vulnerable to Sensitive Data Exposure

Software Simple Blog Card Type Plugin Vulnerable versions 1.32 Fixed in 1.32 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e0b1d4664953 Credits N/A Required privilege Subscriber...

WordPress Simple Blog Card Plugin <= 1.30 is vulnerable to Cross Site Scripting (XSS)

Software Simple Blog Card Type Plugin Vulnerable versions = 1.30 Fixed in 1.31 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID db23b5207e83 Credits Unknown Required privilege...

CVE-2023-3474

A vulnerability has been found in SimplePHPscripts Simple Blog 3.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched...

Cross site scripting

A vulnerability has been found in SimplePHPscripts Simple Blog 3.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched...

CVE-2023-3474 SimplePHPscripts Simple Blog URL Parameter preview.php cross site scripting

A vulnerability has been found in SimplePHPscripts Simple Blog 3.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched...

CVE-2023-3474

The CVE-2023-3474 entry affects SimplePHPscripts Simple Blog 3.2, where an issue in the URL Parameter Handler’s preview.php functionality enables cross-site scripting. The vulnerability arises from manipulating an input parameter, allowing remote exploitation (network vector) with no privileges a...

CVE-2023-3474 SimplePHPscripts Simple Blog URL Parameter preview.php cross site scripting

A vulnerability has been found in SimplePHPscripts Simple Blog 3.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched...

PT-2023-24993 · Unknown · Simplephpscripts Simple Blog

Name of the Vulnerable Software and Affected Versions: SimplePHPscripts Simple Blog version 3.2 Description: A vulnerability has been found in the file preview.php of the component URL Parameter Handler, which leads to cross site scripting. The attack can be launched remotely. Recommendations: Fo...

SimplePHPscripts Simple Blog 跨站脚本漏洞

SimplePHPscripts Simple Blog is a blogging system from the Bulgarian company SimplePHPscripts. A cross-site scripting vulnerability exists in SimplePHPscripts Simple Blog version 3.2, which stems from a problem with the file preview.php that can lead to cross-site scripting...

Simple Blog 3.2 Cross Site Scripting

┌┌───────────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An...

CVE-2021-42233

The Simple Blog plugin in Wondercms 3.4.1 is vulnerable to stored cross-site scripting XSS vulnerability. When any user opens a particular blog hosted on an attackers' site, XSS may occur...

CVE-2021-42233

The Simple Blog plugin in Wondercms 3.4.1 is vulnerable to stored cross-site scripting XSS vulnerability. When any user opens a particular blog hosted on an attackers' site, XSS may occur...

Cross site scripting

The Simple Blog plugin in Wondercms 3.4.1 is vulnerable to stored cross-site scripting XSS vulnerability. When any user opens a particular blog hosted on an attackers' site, XSS may occur...

CVE-2021-42233

The Simple Blog plugin in Wondercms 3.4.1 is vulnerable to stored cross-site scripting XSS vulnerability. When any user opens a particular blog hosted on an attackers' site, XSS may occur...

CVE-2021-42233

CVE-2021-42233 describes a stored XSS vulnerability in the WonderCMS Simple Blog plugin (version 3.4.1). The issue occurs when a user views a specific blog post hosted on an attacker’s site, allowing the attacker to inject script via vulnerable blog content. The public documentation consistently ...

Wondercms plugin Simple Blog 跨站脚本漏洞

WonderCMS is a cms. version 3.4.1 of WonderCMS contains a cross-site scripting vulnerability that can be exploited by attackers to cause XSS to occur when any user opens a specific blog hosted on their website...

Simple Blog PHP 2.0 Cross Site Request Forgery / Cross Site Scripting

===================================================== Simple Blog PHP 2.0 - CSRFAdd Post // Stored XSS ===================================================== Vendor Homepage: http://simpleblogphp.com/ Date: 13 Oct 2016 Demo Link : http://simpleblogphp.com/blog/admin.php Version : 2.0 Platform : PH...

Simple Blog PHP 2.0 - SQL Injection

===================================================== Simple Blog PHP 2.0 - SQL Injection ===================================================== Vendor Homepage: http://simpleblogphp.com/ Date: 13 Oct 2016 Demo Link : http://simpleblogphp.com/blog/admin.php Version : 2.0 Platform : WebApp - PHP...