Log out
Get PRO

Latest

Input validation vulnerability in Blog Grid & Post Grid – Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry, Category Post Grid By News & Blog Designer Pack 4.0

  • Severity: critical
  • Status: Fixed
  • Publication: April 1, 2025

The plugin called News & Blog Designer Pack for WordPress has a security issue in versions 4.0 and below. This means that people who are not logged in can access and run any type of file on the server, including PHP files. This could potentially be used to get around security measures, access private information, or run code if someone uploads an “innocent” file type like images.

Detected in:

Blog Designer Pack – Blog, Post Grid, Post Slider, Post Carousel, Category Post, News fixed vulnerable versions:
Blog Grid & Post Grid – Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry, Category Post Grid By News & Blog Designer Pack fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.