Vendor CVEs
Bludit
All CVEs
47 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-50869 | Bludit | Critical | 0.64 | 9.8 | 0.01 | | Jun 15, 2026 | An issue in the api/plugin.php component of Bludit v3.19.0 allows attackers to execute a directory traversal via supplying a crafted request. |
| CVE-2026-38329 | Bludit | Critical | 0.57 | 9.8 | 0.01 | | Jun 15, 2026 | Bludit CMS before version 3.18.4 allows Remote Code Execution (RCE) via the API Plugin. The POST /api/files/{key} endpoint in bl-plugins/api/plugin.php fails to perform authorization checks and lacks file extension validation. An attacker with a valid API token can upload a… |
| CVE-2026-25101 | Bludit | Critical | 0.57 | 9.8 | 0.00 | | Mar 27, 2026 | Bludit allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behavior enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in… |
| CVE-2026-25099 | Bludit | High | 0.53 | 8.8 | 0.02 | | Mar 27, 2026 | Bludit's API plugin allows an authenticated attacker with a valid API token to upload files of any type and extension without restriction, which can then be executed, leading to Remote Code Execution. This issue was fixed in 3.18.4. |
| CVE-2026-46656 | Bludit | High | 0.50 | 8.8 | 0.00 | | Jun 8, 2026 | Bludit is a content management system. Versions prior to 3.22.0 have a Broken Access Control flaw where active sessions remain valid even after the corresponding user account has been physically deleted from the database. This "Ghost Session" allows revoked users to maintain… |
| CVE-2018-16313 | Bludit | Medium | 0.40 | 6.1 | 0.01 | | Sep 1, 2018 | Bludit 2.3.4 allows XSS via a user name. |
| CVE-2026-46657 | Bludit | High | 0.39 | 7.1 | 0.00 | | Jun 8, 2026 | Bludit is a content management system. Versions prior to 3.22.0 have a vulnerability in the user management logic that allows deactivated accounts to maintain access via persistent authentication tokens. When an administrator disables a user account, the application fails to… |
| CVE-2026-4420 | Bludit | Medium | 0.35 | 5.4 | 0.00 | | Apr 7, 2026 | Bludit is vulnerable to Stored Cross-Site Scripting (XSS) in its page creation functionality. An authenticated attacker with page creation privileges (such as Author, Editor, or Administrator) can embed a malicious JavaScript payload in the tags field of a newly created… |
| CVE-2017-16636 | Bludit | Medium | 0.35 | 5.4 | 0.01 | | Nov 6, 2017 | In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new page, new category, and edit post function body message context. Remote attackers are able to bypass the basic editor validation to trigger cross site scripting. The XSS is persistent and the request method… |
| CVE-2026-25100 | Bludit | Medium | 0.28 | 5.4 | 0.00 | | Mar 27, 2026 | Bludit is vulnerable to Stored Cross-Site Scripting (XSS) in its image upload functionality. An authenticated attacker with content upload privileges (such as Author, Editor, or Administrator) can upload an SVG file containing a malicious payload, which is executed when a victim… |
| CVE-2026-41456 | Bludit | Medium | 0.26 | — | 0.00 | | Apr 21, 2026 | Bludit CMS prior to commit 6732dde contains a reflected cross-site scripting vulnerability in the search plugin that allows unauthenticated attackers to inject arbitrary JavaScript by crafting a malicious search query. Attackers can execute malicious scripts in the browsers of… |
| CVE-2019-16113 | Bludit | | 0.10 | — | 0.78 | | Sep 8, 2019 | Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg file name, and then this PHP code can write other PHP code to a ../ pathname. |
| CVE-2019-17240 | Bludit | | 0.06 | — | 0.40 | | Oct 6, 2019 | bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass a brute-force protection mechanism by using many different forged X-Forwarded-For or Client-IP HTTP headers. |
| CVE-2018-1000811 | Bludit | | 0.04 | — | 0.48 | | Dec 20, 2018 | Bludit version 3.0.0 contains an Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. This attack appears to be exploitable when a malicious user uploads a crafted payload containing PHP… |
| CVE-2023-31698 | Bludit | | 0.03 | — | 0.03 | | May 17, 2023 | Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo. NOTE: the product's security model is that users are trusted by the administrator to insert arbitrary content (users cannot create their own accounts through self-registration). |
| CVE-2021-35323 | Bludit | | 0.03 | — | 0.06 | | Oct 19, 2021 | Cross Site Scripting (XSS) vulnerability exists in Bludit 3-13-1 via the username in admin/login. |
| CVE-2020-18879 | Bludit | | 0.01 | — | 0.03 | | Aug 20, 2021 | Unrestricted File Upload in Bludit v3.8.1 allows remote attackers to execute arbitrary code by uploading malicious files via the component 'bl-kereln/ajax/upload-logo.php'. |
| CVE-2026-27741 | Bludit | | 0.00 | — | 0.00 | | Feb 23, 2026 | Bludit version 3.16.1 contains a cross-site request forgery (CSRF) vulnerability in the /admin/uninstall-plugin/ and /admin/install-theme/ endpoints. The application does not implement anti-CSRF tokens or other request origin validation mechanisms for these administrative… |
| CVE-2026-27742 | Bludit | | 0.00 | — | 0.00 | | Feb 23, 2026 | Bludit version 3.16.2 contains a stored cross-site scripting (XSS) vulnerability in the post content functionality. The application performs client-side sanitization of content input but does not enforce equivalent sanitization on the server side. An authenticated user can inject… |
| CVE-2023-53907 | Bludit | | 0.00 | — | 0.01 | | Dec 17, 2025 | Bludit versions before 3.13.1 contain an authenticated file download vulnerability in the Backup Plugin that allows logged-in users to access arbitrary files. Attackers can exploit the plugin's download functionality by manipulating file path parameters to read sensitive system… |
| CVE-2024-24554 | Bludit | | 0.00 | — | 0.00 | | Jun 24, 2024 | Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API. |
| CVE-2024-24553 | Bludit | | 0.00 | — | 0.00 | | Jun 24, 2024 | Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could determine cleartext passwords with brute-force attacks due to the inherent speed of SHA-1. In addition, the salt that is computed by Bludit is generated with a non-cryptographically secure… |
| CVE-2024-24552 | Bludit | | 0.00 | — | 0.00 | | Jun 24, 2024 | A session fixation vulnerability in Bludit allows an attacker to bypass the server's authentication if they can trick an administrator or any other user into authorizing a session ID of their choosing. |
| CVE-2024-24551 | Bludit | | 0.00 | — | 0.01 | | Jun 24, 2024 | A security vulnerability has been identified in Bludit, allowing authenticated attackers to execute arbitrary code through the Image API. This vulnerability arises from improper handling of file uploads, enabling malicious actors to upload and execute PHP files. |
| CVE-2024-24550 | Bludit | | 0.00 | — | 0.01 | | Jun 24, 2024 | A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API, which leads to arbitrary code execution on the server. This vulnerability arises from improper handling of file uploads,… |
| CVE-2024-25297 | Bludit | | 0.00 | — | 0.01 | | Feb 17, 2024 | Cross Site Scripting (XSS) vulnerability in Bludit CMS version 3.15 allows remote attackers to execute arbitrary code and obtain sensitive information via edit-content.php. |
| CVE-2023-24674 | Bludit | | 0.00 | — | 0.00 | | Sep 1, 2023 | Permissions vulnerability found in Bludit CMS v.4.0.0 allows local attackers to escalate privileges via the role:admin parameter. |
| CVE-2023-24675 | Bludit | | 0.00 | — | 0.00 | | Sep 1, 2023 | Cross Site Scripting vulnerability in Bludit CMS v.3.14.1 allows attackers to execute arbitrary code via the Categories Friendly URL. |
| CVE-2020-20210 | Bludit | | 0.00 | — | 0.01 | | Jun 26, 2023 | Bludit 3.9.2 is vulnerable to Remote Code Execution (RCE) via /admin/ajax/upload-images. |
| CVE-2023-34845 | Bludit | | 0.00 | — | 0.01 | | Jun 16, 2023 | Bludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows attackers to execute arbitrary web scripts or HTML via uploading a crafted SVG file. NOTE: the product's security model is that users… |
| CVE-2023-31572 | Bludit | | 0.00 | — | 0.01 | | May 16, 2023 | An issue in Bludit 4.0.0-rc-2 allows authenticated attackers to change the Administrator password and escalate privileges via a crafted request. |
| CVE-2020-19228 | Bludit | | 0.00 | — | 0.01 | | May 11, 2022 | An issue was found in Bludit v3.13.0: an unsafe implementation of the backup plugin allows attackers to upload arbitrary files. |
| CVE-2022-1590 | Bludit | | 0.00 | — | 0.01 | | May 5, 2022 | A vulnerability was found in Bludit 3.13.1. It has been declared as problematic. This vulnerability affects the endpoint /admin/new-content of the New Content module. The manipulation of the argument content with the input leads to cross site scripting.… |
| CVE-2021-45745 | Bludit | | 0.00 | — | 0.01 | | Jan 6, 2022 | A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in the login panel. |
| CVE-2021-45744 | Bludit | | 0.00 | — | 0.01 | | Jan 6, 2022 | A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the TAGS section in the login panel. |
| CVE-2020-20495 | Bludit | | 0.00 | — | 0.02 | | Aug 31, 2021 | Bludit v3.13.0 contains an arbitrary file deletion vulnerability in the backup plugin via the `deleteBackup` parameter. |
| CVE-2021-25808 | Bludit | | 0.00 | — | 0.01 | | Jul 23, 2021 | A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file. |
| CVE-2020-23765 | Bludit | | 0.00 | — | 0.01 | | May 21, 2021 | A file upload vulnerability was discovered in the file path /bl-plugins/backup/plugin.php on Bludit version 3.12.0. If an attacker is able to gain Administrator rights, they will be able to use unsafe plugins to upload a backup file and control the server. |
| CVE-2020-18190 | Bludit | | 0.00 | — | 0.02 | | Oct 2, 2020 | Bludit v3.8.1 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /admin/ajax/upload-profile-picture. |
| CVE-2020-15026 | Bludit | | 0.00 | — | 0.01 | | Jun 24, 2020 | Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php. |
| CVE-2020-15006 | Bludit | | 0.00 | — | 0.01 | | Jun 24, 2020 | Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document to bl-kernel/ajax/logo-upload.php. |
| CVE-2020-13889 | Bludit | | 0.00 | — | 0.01 | | Jun 6, 2020 | showAlert() in the administration panel in Bludit 3.12.0 allows XSS. |
| CVE-2020-8811 | Bludit | | 0.00 | — | 0.01 | | Feb 7, 2020 | ajax/profile-picture-upload.php in Bludit 3.10.0 allows authenticated users to change other users' profile pictures. |
| CVE-2020-8812 | Bludit | | 0.00 | — | 0.01 | | Feb 7, 2020 | Bludit 3.10.0 allows Editor or Author roles to insert malicious JavaScript on the WYSIWYG editor. NOTE: the vendor's perspective is that this is "not a bug." |
| CVE-2019-16334 | Bludit | | 0.00 | — | 0.01 | | Sep 15, 2019 | In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categories -> Add New Category -> Name field. NOTE: this may overlap CVE-2017-16636. |
| CVE-2019-12742 | Bludit | | 0.00 | — | 0.01 | | Jun 5, 2019 | Bludit prior to 3.9.1 allows a non-privileged user to change the password of any account, including admin. This occurs because of an Insecure Direct Object Reference in bl-kernel/admin/controllers/user-password.php (a modified username POST parameter). |
| CVE-2019-12548 | Bludit | | 0.00 | — | 0.03 | | Jun 3, 2019 | Bludit before 3.9.0 allows remote code execution for an authenticated user by uploading a php file while changing the logo through /admin/ajax/upload-logo. |