CVE-2019-25674

CMSsite 1.0 contains an SQL injection vulnerability exposed via the post parameter in post.php, allowing unauthenticated attackers to manipulate database queries and extract data or perform time-based blind SQLi. Exploitation details are supported by linked references (e.g., Exploit-DB). CVSS met...

PT-2025-23432 · Unknown · Chaitak-Gorai Blogbook

Name of the Vulnerable Software and Affected Versions: chaitak-gorai Blogbook up to 92f5cf90f8a7e6566b576fe0952e14e1c6736513 Description: A problematic issue has been found in chaitak-gorai Blogbook, affecting the processing of the file /post.php. The manipulation of the arguments comment author,...

PT-2022-24051 · WordPress · Embedpress Plugin

Name of the Vulnerable Software and Affected Versions: EmbedPress Plugin affected versions not specified Description: A vulnerability has been found in the EmbedPress Plugin, affecting an unknown functionality of the file post.php of the component Shortcode Handler. This issue leads to cross-site...

CVE-2018-15899

An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS vulnerability...

CVE-2011-3128

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote attackers to obtain sensitive data via vectors related to wp-includes/post.php...