Oneblog Project Oneblog — known CVE vulnerabilities
Every CVE whose affected-product data names Oneblog Project Oneblog, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-46085 — CVSS 6.5 (medium): OneBlog <= 2.2.8 is vulnerable to Insecure Permissions. Low level administrators can delete high-level administrators beyond their…
CVE-2021-46025 — CVSS 5.4 (medium): A Cross SIte Scripting (XSS) vulnerability exists in OneBlog <= 2.2.8. via the add function in the operation tab list in the background.