CVE-2025-46235 – SKT Blocks – Gutenberg based Page Builder Cross-site Scripting

April 22, 2025

CVE ID : CVE-2025-46235

Published : April 22, 2025, 10:15 a.m. | 58 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in sonalsinha21 SKT Blocks – Gutenberg based Page Builder allows Stored XSS. This issue affects SKT Blocks – Gutenberg based Page Builder: from n/a through 2.0.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46236 – Link Software LLC HTML Forms Stored Cross-site Scripting (XSS)

Next Article CVE-2025-46233 – Sirv CDN and Image Hosting Stored Cross-Site Scripting Vulnerability

Highlights

CVE-2025-5926 – WordPress Link Shield CSRF

June 13, 2025

CVE ID : CVE-2025-5926

Published : June 13, 2025, 3:15 a.m. | 2 hours, 48 minutes ago

Description : The Link Shield plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5.4. This is due to missing or incorrect nonce validation on the link_shield_menu_options() function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Elder Scrolls 4: Oblivion Remastered review roundup — Here’s what critics had to say for this remastered edition of one of Bethesda’s classic RPGs

April 30, 2025

CutePeaks – cross platform Sanger Trace file viewer

July 2, 2025

Patch your Windows PC now before bootkit malware takes it over – here’s how

June 11, 2025

Tenable updates Vulnerability Priority Rating scoring method to flag fewer vulnerabilities as critical

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

EcoFlow’s new portable battery stations are lighter and more powerful (DC plug included)

7 ways Linux can save you money

My favorite Kindle tablet just got a kids model, and it makes so much sense

You can turn your Google Photos into video clips now – here’s how

Blade Service Injection: Direct Service Access in Laravel Templates

Blade Service Injection: Direct Service Access in Laravel Templates

This Week in Laravel: NativePHP Mobile and AI Guidelines from Spatie

Retrieve the Currently Executing Closure in PHP 8.5

FOSS Weekly #25.30: AUR Poisoned, Linux Rising, PPA Explained, New Open Source Grammar Checker and More

FOSS Weekly #25.30: AUR Poisoned, Linux Rising, PPA Explained, New Open Source Grammar Checker and More

How to Open Control Panel in Windows 11

How to Shut Down Windows 11

CVE-2025-46235 – SKT Blocks – Gutenberg based Page Builder Cross-site Scripting

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access

Facebook ‘Safety Check’ allows travelers to alert family

We’re Off — Ubuntu 25.10 Opens for Development

How to Create Serverless AI Agents with Langbase Docs MCP Server in Minutes

CVE-2025-25034 – SugarCRM Object Injection Vulnerability

CVE-2025-5926 – WordPress Link Shield CSRF

The Elder Scrolls 4: Oblivion Remastered review roundup — Here’s what critics had to say for this remastered edition of one of Bethesda’s classic RPGs

CutePeaks – cross platform Sanger Trace file viewer

Patch your Windows PC now before bootkit malware takes it over – here’s how

CVE-2025-46235 – SKT Blocks – Gutenberg based Page Builder Cross-site Scripting

Related Posts