Sbakhour

**Name of the Vulnerable Software and Affected Versions** Wondercms version 3.4.1 **Description** The Simple Blog plugin in Wondercms is vulnerable to a stored cross-site scripting (XSS) issue. This occurs when a user opens a particular blog hosted on an attacker's site, potentially leading to XSS. **Recommendations** For Wondercms version 3.4.1, update to a version that fixes the stored cross-site scripting vulnerability in the Simple Blog plugin. At the moment, there is no information about a newer version that contains a fix for this vulnerability.