ReportizFlow
Filtered by vendor Publify Project
Subscriptions
Filtered by product Publify
Subscriptions
Total
13 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25973 | 1 Publify Project | 1 Publify | 2025-04-30 | 6.5 Medium |
| In Publify, 9.0.0.pre1 to 9.2.4 are vulnerable to Improper Access Control. “guest” role users can self-register even when the admin does not allow. This happens due to front-end restriction only. | ||||
| CVE-2021-25974 | 1 Publify Project | 1 Publify | 2025-04-30 | 5.4 Medium |
| In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A user with a “publisher” role is able to inject and execute arbitrary JavaScript code while creating a page/article. | ||||
| CVE-2021-25975 | 1 Publify Project | 1 Publify | 2025-04-30 | 5.4 Medium |
| In publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS as a result of an unrestricted file upload. This issue allows a user with “publisher” role to inject malicious JavaScript via the uploaded html file. | ||||
| CVE-2023-0299 | 1 Publify Project | 1 Publify | 2025-04-07 | 9.8 Critical |
| Improper Input Validation in GitHub repository publify/publify prior to 9.2.10. | ||||
| CVE-2022-1812 | 1 Publify Project | 1 Publify | 2025-04-07 | 9.8 Critical |
| Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10. | ||||
| CVE-2022-2815 | 1 Publify Project | 1 Publify | 2025-04-07 | 6.5 Medium |
| Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10. | ||||
| CVE-2023-0569 | 1 Publify Project | 1 Publify | 2025-03-28 | 6.5 Medium |
| Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10. | ||||
| CVE-2022-1811 | 1 Publify Project | 1 Publify | 2024-11-21 | 5.4 Medium |
| Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9. | ||||
| CVE-2022-1810 | 1 Publify Project | 1 Publify | 2024-11-21 | 4.3 Medium |
| Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9. | ||||
| CVE-2022-1553 | 1 Publify Project | 1 Publify | 2024-11-21 | 4.9 Medium |
| Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and integrity of users. | ||||
| CVE-2022-0578 | 1 Publify Project | 1 Publify | 2024-11-21 | 6.5 Medium |
| Code Injection in GitHub repository publify/publify prior to 9.2.8. | ||||
| CVE-2022-0574 | 1 Publify Project | 1 Publify | 2024-11-21 | 6.5 Medium |
| Improper Access Control in GitHub repository publify/publify prior to 9.2.8. | ||||
| CVE-2022-0524 | 1 Publify Project | 1 Publify | 2024-11-21 | 7.5 High |
| Business Logic Errors in GitHub repository publify/publify prior to 9.2.7. | ||||
Page 1 of 1.