CVE-2025-3832 – “FuseDesk WordPress Stored Cross-Site Scripting Vulnerability”

April 24, 2025

CVE ID : CVE-2025-3832

Published : April 24, 2025, 9:15 a.m. | 1 hour, 28 minutes ago

Description : The FuseDesk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘successredirect’ parameter in all versions up to, and including, 6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3793 – Buddypress WordPress Force Password Change Plugin Authentication Bypass

Next Article CVE-2025-3300 – “WordPress WPMasterToolKit Directory Traversal Vulnerability”

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

As Windows 10 support ends, users weigh costly extended security program against upgrading to Windows 11

Lenovo’s Legion Glasses 2 update could change handheld gaming

Is Lenovo’s refreshed LOQ tower enough to compete? New OLED monitors raise the stakes at IFA 2025

External Forces Reshaping Financial Services in 2025 and Beyond

External Forces Reshaping Financial Services in 2025 and Beyond

Why It’s Time to Move from SharePoint On-Premises to SharePoint Online

Apple’s Big Move: The Future of Mobile

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

As Windows 10 support ends, users weigh costly extended security program against upgrading to Windows 11

Lenovo’s Legion Glasses 2 update could change handheld gaming

CVE-2025-3832 – “FuseDesk WordPress Stored Cross-Site Scripting Vulnerability”

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs

Parse Localized Numbers with Laravel’s Number Class

CVE-2025-7148 – CodeAstro Simple Hospital Management System Cross-Site Scripting Vulnerability

remarklint – check Markdown code style

CVE-2025-8098 – Lenovo PC Manager Privilege Escalation Vulnerability

The Future is Calling: India’s ‘Human AI’ Srinidhi Ranganathan Envisions Computers That Breathe and Think Freely by 2029

CVE-2025-46716 – Sandboxie Kernel Pointer Read Vulnerability

CVE-2024-13089 – Nozomi Networks Guardian and CMC OS Command Injection Vulnerability

Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats

CVE-2025-3832 – “FuseDesk WordPress Stored Cross-Site Scripting Vulnerability”

Related Posts