CVE-2025-29280 | THREATINT

Description

Stored cross-site scripting vulnerability exists in PerfreeBlog v4.0.11 in the website name field of the backend system settings interface allows an attacker to insert and execute arbitrary malicious code.

PUBLISHED Reserved 2025-03-11 | Published 2025-04-15 | Updated 2025-04-15 | Assigner mitre

References

github.com/Cray0nLee/CVE/issues/1 exploit

github.com/Cray0nLee/CVE/issues/1

cve.org (CVE-2025-29280)

nvd.nist.gov (CVE-2025-29280)

Download JSON