CVE-2025-29746 – Koillection Cross Site Scripting (XSS)

May 7, 2025

CVE ID : CVE-2025-29746

Published : May 7, 2025, 7:16 p.m. | 20 minutes ago

Description : Cross Site Scripting vulnerability in Koillection v.1.6.10 allows a remote attacker to escalate privileges via the collection, Wishlist and album components

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-30147 – Hyperledger Besu EC Point Crafting Vulnerability

Next Article CVE-2025-26168 – IXON VPN Client Local Privilege Escalation

Highlights

CVE-2025-5016 – Relevanssi WordPress Stored Cross-Site Scripting Vulnerability

May 31, 2025

CVE ID : CVE-2025-5016

Published : May 31, 2025, 4:15 a.m. | 1 hour, 27 minutes ago

Description : The Relevanssi – A Better Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Excerpt Highlights in all versions up to, and including, 4.24.5 (Free) and 2.27.6 (Premium) due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Agent Mode for Gemini added to Android Studio

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

Where to buy a Meta Quest 3S Xbox Edition — and why it’s a better bargain than the “normal” Meta Quest 3S

Vite 7.0 Is Out

Vite 7.0 Is Out

Exploring JavaScript ES2025 Edition

Mastering Mixed DML Operations in Apex

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

CVE-2025-29746 – Koillection Cross Site Scripting (XSS)

Rogue WordPress Plugin Unmasked: Stealthy Malware Skims Credit Cards & Steals Credentials

Urgent Advantech Alert: Critical Flaws (CVSS 9.6) Expose Industrial Automation to Remote Takeover, PoC Releases

South African Airways Suffers Cyberattack, Systems Restored Same Day

CVE-2025-6455 – Code-projects Online Hotel Reservation System SQL Injection Vulnerability

Retro is a customizable clock widget

Microsoft confirms Offline Calendar for New Outlook on Windows 11

CVE-2025-5016 – Relevanssi WordPress Stored Cross-Site Scripting Vulnerability

CVE-2025-3713 – “LCD KVM over IP Switch CL5708IM Heap-based Buffer Overflow Denial-of-Service Vulnerability”

MAINGEAR ULTIMA 18 Brings RTX 5090 Power & 4K 200Hz Display

Kie.ai: Most Affordable & Stable Veo 3 API with Synced Audio

CVE-2025-29746 – Koillection Cross Site Scripting (XSS)

Related Posts