Filtered by vendor Softpulse Infotech
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-4859 | 2 Softpulse Infotech, Wordpress | 2 Sp Blog Designer, Wordpress | 2026-05-12 | 6.4 Medium |
| The SP Blog Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'design' attribute of the `wpsbd_post_carousel` shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2024-52498 | 1 Softpulse Infotech | 1 Sp Blog Designer | 2026-04-23 | 7.5 High |
| Path Traversal: '.../...//' vulnerability in softpulseinfotech SP Blog Designer sp-blog-designer allows PHP Local File Inclusion.This issue affects SP Blog Designer: from n/a through <= 1.0.0. | ||||
| CVE-2024-52380 | 1 Softpulse Infotech | 1 Picsmize | 2026-04-23 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in softpulseinfotech Picsmize picsmize allows Upload a Web Shell to a Web Server.This issue affects Picsmize: from n/a through <= 1.0.0. | ||||
Page 1 of 1.