CVE-2025-46239 – Theme Switcha Cross-site Scripting Vulnerability

April 22, 2025

CVE ID : CVE-2025-46239

Published : April 22, 2025, 10:15 a.m. | 58 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Jeff Starr Theme Switcha allows Stored XSS. This issue affects Theme Switcha: from n/a through 3.4.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46240 – Simple Download Counter Stored Cross-site Scripting

Next Article CVE-2025-46241 – Codepeople Appointment Booking Calendar CSRF-Enabled SQL Injection

Highlights

CVE-2025-30010 – SAP SRM Java Applet Cross-Site Scripting (XSS)

May 13, 2025

CVE ID : CVE-2025-30010

Published : May 13, 2025, 1:15 a.m. | 1 hour, 49 minutes ago

Description : The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successful exploitation, the attacker could cause low impact on confidentiality and integrity with no impact on the availability of the application.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

AI is currently in its teenage years, battling raging hormones

The 2025 Wholesome Direct was chock-full of cozy casual games and aesthetic vibes

All known AMD Ryzen Z2 Series gaming handheld chips and how they are rumored to compare

“The original Mass Effect trilogy was absolutely an inspiration.” The RPG experts behind WH40K: Rogue Trader are hitting it big with ‘The Expanse: Osiris Reborn’

If you’ve started to notice Xbox console games showing up on the Xbox PC store, you’re not alone — what’s going on?

Master Image Processing in Node.js Using Sharp for Fast Web Apps

Master Image Processing in Node.js Using Sharp for Fast Web Apps

mkocansey/bladewind

Handling PostgreSQL Migrations in Node.js

The 2025 Wholesome Direct was chock-full of cozy casual games and aesthetic vibes

The 2025 Wholesome Direct was chock-full of cozy casual games and aesthetic vibes

All known AMD Ryzen Z2 Series gaming handheld chips and how they are rumored to compare

“The original Mass Effect trilogy was absolutely an inspiration.” The RPG experts behind WH40K: Rogue Trader are hitting it big with ‘The Expanse: Osiris Reborn’

CVE-2025-46239 – Theme Switcha Cross-site Scripting Vulnerability

CVE-2025-23235 – OpenHarmony Out-of-Bounds Read Denial of Service

CVE-2025-24493 – OpenHarmony race condition information leak vulnerability

CVE-2025-5677 – Campcodes Online Recruitment Management System SQL Injection

CVE-2025-20273 – Cisco Unified Intelligent Contact Management Enterprise Cross-Site Scripting Vulnerability

FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites

The Ampere Porting Advisor Tutorial

CVE-2025-30010 – SAP SRM Java Applet Cross-Site Scripting (XSS)

CVE-2024-42191 – HCL Traveler for Microsoft Outlook COM Hijacking Vulnerability

NVIDIA Releases Llama Nemotron Nano 4B: An Efficient Open Reasoning Model Optimized for Edge AI and Scientific Tasks

Microsoft open-sources Windows Subsystem for Linux after nearly a decade

CVE-2025-46239 – Theme Switcha Cross-site Scripting Vulnerability

Related Posts