CVE-2025-5153 – CMS Made Simple Design Manager Module Cross-Site Scripting Vulnerability

May 25, 2025

CVE ID : CVE-2025-5153

Published : May 25, 2025, 6:15 p.m. | 2 hours, 41 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in CMS Made Simple 2.2.21. This issue affects some unknown processing of the component Design Manager Module. The manipulation of the argument Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5154 – PhonePe SQLite Database Cleartext Storage Vulnerability

Next Article CVE-2025-5152 – “Chanjet CRM SQL Injection Vulnerability”

Highlights

CVE-2025-3901 – Drupal Bootstrap Site Alert Cross-Site Scripting (XSS)

April 23, 2025

CVE ID : CVE-2025-3901

Published : April 23, 2025, 5:16 p.m. | 1 hour, 42 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Drupal Bootstrap Site Alert allows Cross-Site Scripting (XSS).This issue affects Bootstrap Site Alert: from 0.0.0 before 1.13.0, from 3.0.0 before 3.0.4.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

How Red Hat just quietly, radically transformed enterprise server Linux

OpenAI wants ChatGPT to be your ‘super assistant’ – what that means

The best Linux VPNs of 2025: Expert tested and reviewed

One of my favorite gaming PCs is 60% off right now

`document.currentScript` is more useful than I thought.

`document.currentScript` is more useful than I thought.

Adobe Sensei and GenAI in Practice for Enterprise CMS

Over The Air Updates for React Native Apps

You can now open ChatGPT on Windows 11 with Win+C (if you change the Settings)

You can now open ChatGPT on Windows 11 with Win+C (if you change the Settings)

Microsoft says Copilot can use location to change Outlook’s UI on Android

TempoMail — Command Line Temporary Email in Linux

CVE-2025-5153 – CMS Made Simple Design Manager Module Cross-Site Scripting Vulnerability

Chrome Zero-Day Alert: CVE-2025-5419 Actively Exploited in the Wild

CISA Adds 5 Actively Exploited Vulnerabilities to KEV Catalog: ASUS Routers, Craft CMS, and ConnectWise Targeted

Did your Apple Notes vanish from your iPhone? Here’s how to find them

The best Windows tablets in 2025: Expert tested and reviewed

CISA: Hackers Breached Chemical Facilitiesâ€™ Data in January

PHPxWorld – The resurgence of PHP meet-ups with Chris Morrell

CVE-2025-3901 – Drupal Bootstrap Site Alert Cross-Site Scripting (XSS)

Steam Game Recording enters beta and works on Steam Deck â€” here’s how to try it out

Foal framework – version 4.5 released

BayMark Health Services Reports Data Breach, Exposing Patient Information

CVE-2025-5153 – CMS Made Simple Design Manager Module Cross-Site Scripting Vulnerability

Related Posts