Vulnerabilities > Amasty > Blog PRO
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-23 | CVE-2022-35501 | Cross-site Scripting vulnerability in Amasty Blog PRO 2.10.3/2.10.4 Stored Cross-site Scripting (XSS) exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function. | 5.4 |
| 2022-11-23 | CVE-2022-35500 | Cross-site Scripting vulnerability in Amasty Blog PRO 2.10.3 Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS) via leave comment functionality. | 5.4 |
| 2022-11-17 | CVE-2022-36432 | Cross-site Scripting vulnerability in Amasty Blog PRO The Preview functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 uses eval unsafely. | 5.4 |