CVE-2025-4567 – WordPress Post Slider Cross-Site Scripting Vulnerability

June 3, 2025

CVE ID : CVE-2025-4567

Published : June 3, 2025, 6:15 a.m. | 1 hour, 12 minutes ago

Description : The Post Slider and Post Carousel with Post Vertical Scrolling Widget WordPress plugin before 3.2.10 does not validate and escape some of its Widget options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3662 – FancyBox for WordPress Unauthenticated Stored XSS

Next Article CVE-2025-31712 – Cisco cplog Out-of-Bounds Write Vulnerability

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

I finally gave NotebookLM my full attention – and it really is a total game changer

Google Chrome for iOS now lets you switch between personal and work accounts

How the Trump administration changed AI: A timeline

Download your photos before AT&T shuts down its cloud storage service permanently

Laravel Live Denmark

Laravel Live Denmark

The July 2025 Laravel Worldwide Meetup is Today

Livewire Security Vulnerability

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Halo and Half-Life combine in wild new mod, bringing two of my favorite games together in one — here’s how to play, and how it works

Surprise! The iconic Roblox ‘oof’ sound is back — the beloved meme makes “a comeback so good it hurts” after three years of licensing issues

CVE-2025-4567 – WordPress Post Slider Cross-Site Scripting Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access

CVE-2025-40652 – CoverManager Stored Cross-Site Scripting (XSS) Vulnerability

Hyprland Escluso dalla Prossima Versione di Debian 13 “Trixie”

AgentA/B: A Scalable AI System Using LLM Agents that Simulate Real User Behavior to Transform Traditional A/B Testing on Live Web Platforms

Apple’s big, next-gen CarPlay Ultra upgrade is here – if you drive these cars

CVE-2025-6870 – SourceCodester Simple Company Website Unrestricted File Upload Vulnerability

CVE-2025-46274 – UNI-NMS-Lite Authentication Bypass

“Using AI is no longer optional” — Did Microsoft just make Copilot mandatory for its staff as a critical performance metric?

Top Factors to Consider When Choosing the Right AI Service Provider

CVE-2025-4567 – WordPress Post Slider Cross-Site Scripting Vulnerability

Related Posts