CVE-2025-8740 | zhenfeng13 My-Blog up to 1.0.0 Category /admin/categories/save categoryName cross site scripting (Issue 146)

Inserito da Angelo Barbosa | Ago 8, 2025 | CVE

A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as problematic. Affected is an unknown function of the file /admin/categories/save of the component Category Handler. The manipulation of the argument categoryName leads to cross site scripting.

This vulnerability is traded as CVE-2025-8740. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-8740 | zhenfeng13 My-Blog up to 1.0.0 Category /admin/categories/save categoryName cross site scripting (Issue 146)

Post correlati

CVE-2024-31350 | AWP Classifieds Plugin up to 4.3.1 on WordPress authorization

CVE-2024-11489 | 115cms up to 20240807 file.html ks cross site scripting

CVE-2025-7459 | code-projects Mobile Shop 1.0 /EditMobile.php ID sql injection

CVE-2024-11662 | welliamcao OpsManage 3.0.1/3.0.2/3.0.3/3.0.4/3.0.5 API Endpoint deploy_api.py deploy_host_vars deserialization