← Back

Blog Designer

blog_designer

Vendor: Solwininfotech • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-4793
1Solwininfotech
1Blog Designer
Mar 27, 2025
Jan 30, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Blog Designer WordPress plugin before 2.4.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.