CVE-2025-46529 – StressFree Sites Business Contact Widget Stored Cross-Site Scripting Vulnerability

April 24, 2025

CVE ID : CVE-2025-46529

Published : April 24, 2025, 4:15 p.m. | 2 hours, 44 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in StressFree Sites Business Contact Widget allows Stored XSS. This issue affects Business Contact Widget: from n/a through 2.7.0.

Severity: 5.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46531 – Ankur Vishwakarma WP AVCL Automation Helper SSRF Vulnerability

Next Article CVE-2025-46530 – HuangYe WuDeng Hacklog Remote Attachment CSRF Stored XSS

Web Components: Working With Shadow DOM

Google’s new Opal tool allows users to create mini AI apps with no coding required

Designing Better UX For Left-Handed People

This week in AI dev tools: Gemini 2.5 Flash-Lite, GitLab Duo Agent Platform beta, and more (July 25, 2025)

Microsoft wants you to chat with its browser now – but can you trust this Copilot?

I tested the Dell XPS’ successor – here are the biggest upgrades (and what’s the same)

I’m a Linux pro – here are my top 5 command line backup tools for desktops and servers

Should you buy a refurbished iPad? I tried one from Back Market and here’s my verdict

elegantweb/sanitizer

elegantweb/sanitizer

Streamlined String Encryption with Laravel’s Fluent Methods

Resume PHP

Gamers bypass UK age verification with Death Stranding — no real face or VPN required

Gamers bypass UK age verification with Death Stranding — no real face or VPN required

New Xbox games launching this week, from July 28 through August 3 — Grounded 2 arrives on Xbox Game Pass

TikTok’s owner forked Microsoft’s Visual Studio Code and concerns have been raised — reports suggest it’s resource heavy and never stops ‘phoning home’

CVE-2025-46529 – StressFree Sites Business Contact Widget Stored Cross-Site Scripting Vulnerability

Tea Dating Advice app spills sensitive data

Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide

CVE-2024-40445 – Forkosh Mime Tex Directory Traversal Arbitrary Code Execution

Why the Future Belongs to Enterprises That Build Intelligent Hyperautomation

TUXEDO Stellaris 16 Gen7: il nuovo laptop GNU/Linux con 128 GB di RAM e schermo HDR

CVE-2025-0634 – Samsung rLottie After Free Remote Code Inclusion Vulnerability

CVE-2025-49302 – Scott Paterson Easy Stripe Code Injection Vulnerability

Have a damaged painting? Restore it in just hours with an AI-generated “mask”

Sony’s Bend Studio Confirms Layoffs as It Gears Up for New Game

CVE-2025-39450 – Crocoblock JetTabs Cross-site Scripting

CVE-2025-46529 – StressFree Sites Business Contact Widget Stored Cross-Site Scripting Vulnerability

Related Posts