CVE-2019-25674

CMSsite 1.0 is affected by an SQL injection vulnerability in the post parameter that can be exploited via GET requests to post.php. The vulnerability allows unauthenticated attackers to manipulate database queries, potentially extracting sensitive data or performing time-based blind SQL injection...

PT-2025-23432 · Unknown · Chaitak-Gorai Blogbook

Name of the Vulnerable Software and Affected Versions: chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 Description: A problematic issue has been found in chaitak-gorai Blogbook, affecting the processing of the file /post.php. The manipulation of the arguments comment author,...

PT-2022-24051 · WordPress · Embedpress Plugin

Name of the Vulnerable Software and Affected Versions: EmbedPress Plugin affected versions not specified Description: A vulnerability has been found in the EmbedPress Plugin, affecting an unknown functionality of the file post.php of the component Shortcode Handler. This issue leads to cross-site...

CVE-2018-15899

An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS vulnerability...

CVE-2011-3128

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote attackers to obtain sensitive data via vectors related to wp-includes/post.php...