CVE-2025-5807 – WordPress Gwolle Guestbook Stored Cross-Site Scripting Vulnerability

July 10, 2025

CVE ID : CVE-2025-5807

Published : July 10, 2025, 2:15 a.m. | 1 hour, 49 minutes ago

Description : The Gwolle Guestbook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘gwolle_gb_content’ parameter in all versions up to, and including, 4.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-35983 – Cisco Controller 7000 Certificate Validation Denial of Service

Next Article CVE-2025-4406 – WordPress wpForo Forum Stored Cross-Site Scripting

Vibe Loop: AI-native reliability engineering for the real world

Docker Compose gets new features for building and running agents

Why Enterprises Are Choosing AI-Driven React.js Development Companies in 2025

Unmasking The Magic: The Wizard Of Oz Method For UX Research

How I personalized my ChatGPT conversations – why it’s a game changer

Xbox Game Pass deals ranged from “$50,000 to $50,000,000” — offering a glimpse at how much Microsoft drops on content

The Division 2’s new Brooklyn Archivist Merit Commendation was driving me INSANE — it turns out there’s a sneaky extra step you need to do first

Alan Wake 2 for Xbox Series X is on sale during Amazon Prime Day — dive into Remedy’s title that “bloodily earns its place as a horror game”

Salesforce Health Cloud Demo: Provider Search & Network Management in Action

Salesforce Health Cloud Demo: Provider Search & Network Management in Action

Oracle Cloud EPM: Transitioning to Forms 2.0, Dashboards 2.0 by October 2025

This Week in Laravel: React.js, Filament vs Laravel, and Junior Test

Xbox Game Pass deals ranged from “$50,000 to $50,000,000” — offering a glimpse at how much Microsoft drops on content

Xbox Game Pass deals ranged from “$50,000 to $50,000,000” — offering a glimpse at how much Microsoft drops on content

The Division 2’s new Brooklyn Archivist Merit Commendation was driving me INSANE — it turns out there’s a sneaky extra step you need to do first

Alan Wake 2 for Xbox Series X is on sale during Amazon Prime Day — dive into Remedy’s title that “bloodily earns its place as a horror game”

CVE-2025-5807 – WordPress Gwolle Guestbook Stored Cross-Site Scripting Vulnerability

Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

CVE-2025-43000 – Apache Struts Information Disclosure Vulnerability

CVE-2025-28038 – TOTOLINK EX1200T Remote Command Execution Vulnerability

LLMs Can Be Misled by Surprising Data: Google DeepMind Introduces New Techniques to Predict and Reduce Unintended Knowledge Contamination

CVE-2025-5861 – Tenda AC7 Buffer Overflow in AdvSetLanip Function

Natasha Lyonne to Direct AI-Powered Sci-Fi Film That Could Redefine Hollywood

CVE-2025-6904 – Car Rental System SQL Injection Vulnerability

CSS Cursor Types Explained

Developer Spotlight: Reksa Andhika

CVE-2025-5807 – WordPress Gwolle Guestbook Stored Cross-Site Scripting Vulnerability

Related Posts