High 8.8 Unfixed
2026-02-19≤ 0.2.5.6
CVE-2025-12821
NewsBlogger
Minimum safe version
0.2.5.5
Update to 0.2.5.5 or later to address 2 fixable vulnerabilities
Latest available0.2.6.1 ✓⚠ 1 vulnerability has no fix
High 8.8
2025-04-30< 0.2.5.2
NewsBlogger <= 0.2.5.1 - Authenticated (Subscriber+) Arbitrary File Upload
High 8.8
2025-04-30< 0.2.5.5
NewsBlogger <= 0.2.5.4 - Cross-Site Request Forgery to Arbitrary Plugin Installation