CVE-2025-46542 – ThemeXpert Xpert Tab Stored Cross-site Scripting

April 24, 2025

CVE ID : CVE-2025-46542

Published : April 24, 2025, 4:15 p.m. | 2 hours, 44 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in ThemeXpert Xpert Tab allows Stored XSS. This issue affects Xpert Tab: from n/a through 1.3.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46541 – Elrata WP-reCAPTCHA-bp Cross-site Scripting (XSS)

Next Article CVE-2025-46536 – RichardHarrison Carousel-of-post-images Cross-site Scripting

Highlights

CVE-2025-37777 – KSMbd Use-After-Free Vuln

May 1, 2025

CVE ID : CVE-2025-37777

Published : May 1, 2025, 2:15 p.m. | 1 hour, 10 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix use-after-free in __smb2_lease_break_noti()

Move tcp_transport free to ksmbd_conn_free. If ksmbd connection is
referenced when ksmbd server thread terminates, It will not be freed,
but conn->tcp_transport is freed. __smb2_lease_break_noti can be performed
asynchronously when the connection is disconnected. __smb2_lease_break_noti
calls ksmbd_conn_write, which can cause use-after-free
when conn->ksmbd_transport is already freed.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

Copilot Vision just launched — and Microsoft already added new features

Master Data Management: The Key to Improved Analytics Reporting

Master Data Management: The Key to Improved Analytics Reporting

Salesforce Lead-to-Revenue Management

React Native 0.80 – React 19.1, JS API Changes, Freezing Legacy Arch and much more

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

CVE-2025-46542 – ThemeXpert Xpert Tab Stored Cross-site Scripting

Apache Tomcat Under Attack: Massive Brute-Force Campaign Targets Manager Interfaces

Warning: Discontinued Amazon Cloud Cam Has Vulnerability (CVE-2025-6031), Exposing Your Network

CVE-2025-40555 – APOGEE PXC+TALON TC Series BACnet Broadcast Storm Denial of Service Vulnerability

Microsoft releases updated HLK and VHLK for Windows 11 24H2 & Server 2025

CVE-2025-4915 – PHPGurukul Auto Taxi Stand Management System SQL Injection

CVE-2025-23177 – Apache ShellShock Path Traversal

CVE-2025-37777 – KSMbd Use-After-Free Vuln

Opal – Optimizely’s AI-Powered Marketing Assistant

The AI Fix #47: An AI is the best computer programmer in the world

Think Your IdP or CASB Covers Shadow IT? These 5 Risks Prove Otherwise

CVE-2025-46542 – ThemeXpert Xpert Tab Stored Cross-site Scripting

Related Posts