CVE-2025-32999

Cross-site scripting vulnerability exists in a-blog cms versions prior to Ver. 3.1.43 and prior to Ver. 3.0.47. This issue exists in a specific field in the entry editing screen, and exploitation requires contributor or higher level privileges. If this vulnerability is exploited, an arbitrary...

CVE-2025-32999

Cross-site scripting vulnerability exists in a-blog cms versions prior to Ver. 3.1.43 and prior to Ver. 3.0.47. This issue exists in a specific field in the entry editing screen, and exploitation requires contributor or higher level privileges. If this vulnerability is exploited, an arbitrary...

CVE-2025-32999

Cross-site scripting vulnerability exists in a-blog cms versions prior to Ver. 3.1.43 and prior to Ver. 3.0.47. This issue exists in a specific field in the entry editing screen, and exploitation requires contributor or higher level privileges. If this vulnerability is exploited, an arbitrary...

PT-2025-21218 · Unknown · A-Blog Cms

Name of the Vulnerable Software and Affected Versions: a-blog cms versions prior to 3.1.43 a-blog cms versions prior to 3.0.47 Description: A cross-site scripting issue exists in a specific field in the entry editing screen of a-blog cms, requiring contributor or higher level privileges to exploi...

CVE-2024-54997

MonicaHQ v4.1.1 was discovered to contain an authenticated Client-Side Injection vulnerability via the entry text field at /journal/entries/ID/edit...

Smart Forms < 2.6.94 - Edit Entries via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as editing entries, and we consider it a medium risk. PoC CSRF PoC...