Known Vulnerabilities for products from Amasty
Listed below are 4 of the newest known vulnerabilities associated with the vendor "Amasty".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-53787 json | Not Provided | 2026-06-12 | 2026-06-12 | |
| CVE-2022-36433 json | The blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code i... | 6.1 - MEDIUM | 2022-11-29 | 2022-12-01 |
| CVE-2022-36432 json | The Preview functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 uses eval unsafely. This allows attackers to per... | 5.4 - MEDIUM | 2022-11-17 | 2022-11-21 |
| CVE-2022-35501 json | Stored Cross-site Scripting (XSS) exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplica... | 5.4 - MEDIUM | 2022-11-23 | 2022-11-28 |
| CVE-2022-35500 json | Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS) via leave comment functionality. | 5.4 - MEDIUM | 2022-11-23 | 2022-11-28 |