CVE-2025-3704 – DBAR Productions Volunteer Sign Up Sheets Stored Cross-site Scripting

May 27, 2025

CVE ID : CVE-2025-3704

Published : May 27, 2025, 3:15 p.m. | 1 hour, 43 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in DBAR Productions Volunteer Sign Up Sheets allows Stored XSS.This issue affects Volunteer Sign Up Sheets: from n/a before 5.5.5.

The patch is available exclusively on GitHub at https://github.com/dbarproductions/pta-volunteer-sign-up-sheets , as the vendor encounters difficulties using SVN to deploy to the WordPress.org repository.

Severity: 5.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48383 – Django-Select2 Secret Token Exfiltration

Next Article CVE-2025-2236 – OpenText Advanced Authentication Information Elicitation Vulnerability

Highlights

CVE-2025-3861 – WordPress Prevent Direct Access Unauthorized Access Vulnerability

April 25, 2025

CVE ID : CVE-2025-3861

Published : April 25, 2025, 6:15 a.m. | 1 hour, 15 minutes ago

Description : The Prevent Direct Access – Protect WordPress Files plugin for WordPress is vulnerable to unauthorized access and modification of data| due to a misconfigured capability check on the ‘pda_lite_custom_permission_check’ function in versions 2.8.6 to 2.8.8.2. This makes it possible for authenticated attackers, with Contributor-level access and above, to access and change the protection status of media.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

I took a walk with Meta’s new Oakley smart glasses – they beat my Ray-Bans in every way

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Top 7 Computer Performance Test Tools Online (Free & Fast)

Top 7 Computer Performance Test Tools Online (Free & Fast)

10 Best Windows 11 Encryption Software

Google Chrome Is Testing Dynamic Country Detection for Region-Specific Features

CVE-2025-3704 – DBAR Productions Volunteer Sign Up Sheets Stored Cross-site Scripting

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CVE-2025-6618 – TOTOLINK CA300-PoE OS Command Injection Vulnerability

Convert Eloquent Models to HLS Video

CVE-2025-20972 – Samsung Flow Intent Verification Vulnerability (Information Exposure)

CVE-2024-7650 – OpenText Directory Services Code Injection Vulnerability

CVE-2025-3861 – WordPress Prevent Direct Access Unauthorized Access Vulnerability

Native vs hybrid vs cross-platform: Resolving the trilemma

vmstat – reports virtual memory statistics

Unlock Automation Success: Power Automate Workshops at TechCon365 PWRCON

CVE-2025-3704 – DBAR Productions Volunteer Sign Up Sheets Stored Cross-site Scripting

Related Posts