CVE-2025-5700 – WordPress Simple Logo Carousel Stored Cross-Site Scripting Vulnerability

June 17, 2025

CVE ID : CVE-2025-5700

Published : June 17, 2025, 12:15 p.m. | 2 hours, 11 minutes ago

Description : The Simple Logo Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.9.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4365 – Citrix NetScaler Console and NetScaler SDX SVM Arbitrary File Read Vulnerability

Next Article CVE-2025-5291 – Master Slider WordPress Stored Cross-Site Scripting Vulnerability

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

Parasoft C/C++test 2025.1, Secure Code Warrior AI Security Rules, and more – Daily News Digest

What I Wish Someone Told Me When I Was Getting Into ARIA

SD Times 100

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

This Xbox game emotionally wrecked me in less than four hours… I’m going to go hug my cat now

Top 5 desktop PC case features that I can’t live without — and neither should you

‘No aggressive monetization’ — Nexus Mods’ new ownership responds to worried members

Build AI Agents That Run Your Day – While You Focus on What Matters

Build AI Agents That Run Your Day – While You Focus on What Matters

Faster Builds in Meteor 3.3: Modern Build Stack with SWC and Bundler Optimizations

How to Change Redirect After Login/Register in Laravel Breeze

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

Clair Obscur: Expedition 33 is a masterpiece, but I totally skipped parts of it (and I won’t apologize)

This Xbox game emotionally wrecked me in less than four hours… I’m going to go hug my cat now

Top 5 desktop PC case features that I can’t live without — and neither should you

CVE-2025-5700 – WordPress Simple Logo Carousel Stored Cross-Site Scripting Vulnerability

The “Infinite Workday” is Here: Microsoft Warns of Never-Ending Work Driven by Hybrid Models & AI

Mastodon Cracks Down: New Terms Ban Unauthorized AI Data Scraping

Microsoft: DHCP issue hits KB5060526, KB5060531 of Windows Server

CVE-2022-21150 – Apache Struts Deserialization Vulnerability

Highlights from Git 2.50

CVE-2025-46237 – Yannick Lefebvre Link Library Cross-site Scripting

CVE-2025-1493 – IBM Db2 Denial of Service

Google Uncovers LOSTKEYS Malware Used by Russian COLDRIVER for Cyber Espionage

AI-enabled control system helps autonomous drones stay on target in uncertain environments

This smart planter uses NASA tech to harvest vegetables at home – my buying advice after 45 days

CVE-2025-5700 – WordPress Simple Logo Carousel Stored Cross-Site Scripting Vulnerability

Related Posts