CVE-2025-52791 – Devfelixmoira Knowledge Base Maker CSRF Stored XSS

June 20, 2025

CVE ID : CVE-2025-52791

Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago

Description : Cross-Site Request Forgery (CSRF) vulnerability in devfelixmoira Knowledge Base – Knowledge Base Maker allows Stored XSS. This issue affects Knowledge Base – Knowledge Base Maker: from n/a through 1.1.8.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52822 – Iqonic Design WP Roadmap SQL Injection Vulnerability

Next Article CVE-2025-52790 – WP-DownloadCounter CSRF Stored XSS

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

Borderlands 4 is killing off a tired “FOMO” trend — I hope other developers follow suit

Dr. Axel’s JavaScript flashcards

Dr. Axel’s JavaScript flashcards

Syntax-Highlight – Custom Element For Syntax Highlighting Content

WelsonJS – Build a Windows app on the Windows built-in JavaScript engine

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

One of World of Warcraft’s deadliest entities makes a world-shattering return after nearly 20 years — and he’s city-sized

It feels like Blizzard has abandoned Diablo 2: Resurrected — but there’s one way to keep it alive for years to come

Steam’s performance tracking tool is becoming more like the Steam Deck’s — you can try it out right now

CVE-2025-52791 – Devfelixmoira Knowledge Base Maker CSRF Stored XSS

Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks

ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Are Forgotten AD Service Accounts Leaving You at Risk?

Xbox just quietly added two of the best RPGs of all time to Game Pass

CVE-2024-40462 – Ocuco Innovation Local Privilege Escalation Vulnerability

CVE-2025-4712 – Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE-2025-6001 – VirtueMart CSRF File Upload Bypass

CVE-2025-48122 – Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light SQL Injection Vulnerability

Insights in implementing production-ready solutions with generative AI

CVE-2025-3815 – WordPress SurveyJS Stored Cross-Site Scripting

CVE-2025-52791 – Devfelixmoira Knowledge Base Maker CSRF Stored XSS

Related Posts