CVE-2025-30943 – Aakif Kadiwala Posts Slider Shortcode Cross-site Scripting (XSS)

July 4, 2025

CVE ID : CVE-2025-30943

Published : July 4, 2025, 9:15 a.m. | 2 hours, 37 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Aakif Kadiwala Posts Slider Shortcode allows DOM-Based XSS. This issue affects Posts Slider Shortcode: from n/a through 1.0.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-30929 – Amazon Web Services (AWS) fluXtore Authorization Bypass

Next Article CVE-2025-29001 – ZoomIt WooCommerce Shop Page Builder Missing Authorization Vulnerability

Highlights

CVE-2025-6006 – kiCode111 like-girl SQL Injection Vulnerability

June 12, 2025

CVE ID : CVE-2025-6006

Published : June 12, 2025, 2:15 a.m. | 2 hours, 57 minutes ago

Description : A vulnerability, which was classified as critical, has been found in kiCode111 like-girl 5.2.0. This issue affects some unknown processing of the file /admin/ImgUpdaPost.php. The manipulation of the argument id/imgText/imgDatd/imgUrl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Hideo Kojima’s “OD” is still in development with Xbox, at least for today

Microsoft is replacing salespeople with “solutions engineers” amid recent layoffs — promoting Copilot AI while ChatGPT dominates the enterprise sector

Microsoft’s extra year of Windows 10 security updates isn’t a “viable solution” for the 400 million PCs that can’t upgrade to Windows 11 — “It’s obvious users are frustrated and feel yanked around.”

OpenAI almost shipped ChatGPT with a different name — before a late-night twist

The dog days of JavaScript summer

The dog days of JavaScript summer

Databricks Lakebase – Database Branching in Action

Flutter + GitHub Copilot = Your New Superpower

Hideo Kojima’s “OD” is still in development with Xbox, at least for today

Hideo Kojima’s “OD” is still in development with Xbox, at least for today

Microsoft is replacing salespeople with “solutions engineers” amid recent layoffs — promoting Copilot AI while ChatGPT dominates the enterprise sector

Microsoft’s extra year of Windows 10 security updates isn’t a “viable solution” for the 400 million PCs that can’t upgrade to Windows 11 — “It’s obvious users are frustrated and feel yanked around.”

CVE-2025-30943 – Aakif Kadiwala Posts Slider Shortcode Cross-site Scripting (XSS)

Google Chrome Now Scans Your PC for Windows 11 Upgrade Eligibility as Windows 10 Nears EOL

CVE-2025-7074 – Vercel Hyper Regular Expression Complexity

CVE-2025-5925 – WordPress Bunny’s Print CSS CSRF Vulnerability

CVE-2025-4182 – PCMan FTP Server Buffer Overflow Vulnerability

Laravel Demo Project for Beginners: Personal Blog

CVE-2025-26783 – Samsung Mobile Processor, Wearable Processor, and Modem Exynos RRC Denial of Service Vulnerability

CVE-2025-6006 – kiCode111 like-girl SQL Injection Vulnerability

Dividing Collections with Laravel’s splitIn Helper

How to Write a Good Conference Talk Proposal – CFP Guide

CVE-2025-5842 – WordPress Modern Design Library Stored Cross-Site Scripting Vulnerability

CVE-2025-30943 – Aakif Kadiwala Posts Slider Shortcode Cross-site Scripting (XSS)

Related Posts