Vulnerabilities > Blog IN Blog Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-31	CVE-2023-2435	Path Traversal vulnerability in Blog-In-Blog Project Blog-In-Blog 1.1.1 The Blog-in-Blog plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.1 via a shortcode attribute. network low complexity blog-in-blog-project CWE-22	7.2
2023-05-31	CVE-2023-2436	Cross-site Scripting vulnerability in Blog-In-Blog Project Blog-In-Blog 1.1.1 The Blog-in-Blog plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blog_in_blog' shortcode in versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity blog-in-blog-project CWE-79	4.8

Vulnerabilities > Blog IN Blog Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Blog IN Blog Project"}]}