cbcvebase.

Solwin Blog Designer Pro vulnerabilities

4 known vulnerabilities affecting solwin/blog_designer_pro.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2025-47696P2HIGHCVSS 8.1Exploited≤ 3.4.72025-08-31
CVE-2025-47696 [HIGH] CWE-98 CVE-2025-47696: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through <= 3.4.7.
nvd
CVE-2025-47695P3HIGHCVSS 7.5≤ 3.4.72025-09-09
CVE-2025-47695 [HIGH] CWE-98 CVE-2025-47695: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through <= 3.4.7.
nvd
CVE-2025-58711P4MEDIUMCVSS 5.3≤ 3.4.82025-10-29
CVE-2025-58711 [MEDIUM] CWE-862 CVE-2025-58711: Missing Authorization vulnerability in solwin Blog Designer PRO blog-designer-pro allows Accessing F Missing Authorization vulnerability in solwin Blog Designer PRO blog-designer-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blog Designer PRO: from n/a through <= 3.4.8.
nvd
CVE-2025-47694P4HIGHCVSS 7.1≤ 3.4.72025-09-09
CVE-2025-47694 [HIGH] CWE-79 CVE-2025-47694: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through <= 3.4.7.
nvd
Solwin Blog Designer Pro vulnerabilities | cvebase