CVE-2025-5034 – WordPress wp-file-download Reflected Cross-Site Scripting

June 21, 2025

CVE ID : CVE-2025-5034

Published : June 21, 2025, 6:15 a.m. | 4 hours, 33 minutes ago

Description : The wp-file-download WordPress plugin before 6.2.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6400 – TOTOLINK N300RH HTTP POST Message Handler Buffer Overflow Vulnerability

Next Article Rilasciato XLibre 25.0: il nuovo fork del server grafico X.Org si presenta al mondo GNU/Linux

Automating Design Systems: Tips And Resources For Getting Started

OpenAI releases two open weight reasoning models

Accelerate tool adoption with a developer experimentation framework

UX Job Interview Helpers

Yes, you can edit video like a pro on Linux – here are my 4 go-to apps

I tried Perplexity’s new reservation feature, and it surprised me with new dining spots to try

Your Samsung TV is getting a huge feature upgrade – 3 AI tools launching right now

This multi-card reader is one of the best investments I’ve made for my creative workflow

Fluent Object Operations with Laravel’s Enhanced Helper Utilities

Fluent Object Operations with Laravel’s Enhanced Helper Utilities

Record and Replay Requests With Laravel ChronoTrace

How to Write Media Queries in Optimizely Configured Commerce (Spire)

Battlefield 6 Developers Confirm AI Bots Will Auto-fill Servers If Player Count Drops

Battlefield 6 Developers Confirm AI Bots Will Auto-fill Servers If Player Count Drops

Canon imageFORMULA R40 Driver for Windows 11, 10 (Download)

Microsoft to End Support for Visual Studio 2015 This October

CVE-2025-5034 – WordPress wp-file-download Reflected Cross-Site Scripting

ESET Threat Report H1 2025: ClickFix, infostealer disruptions, and ransomware deathmatch

CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidence

U.S. Policy Reversal Lets NVIDIA Resume H20 Chip Sales in China

AMD Warns of Transient Scheduler Attacks Affecting Wide Range of Chipsets

How Heroku migrated hundreds of thousands of self-managed PostgreSQL databases to Amazon Aurora

Shadow Vector: Malicious SVGs Deliver AsyncRAT & RemcosRAT in Colombian Phishing Campaign!

15+ Best Free Titles Templates for After Effects in 2025

11 Best Free and Open Source Mind Mapping Software

Vulnerabilities in Netis Systems WF2220 software

CVE-2025-48877 – Discourse Codepen Unintended JS Execution Vulnerability

CVE-2025-5034 – WordPress wp-file-download Reflected Cross-Site Scripting

Related Posts