CVE-2025-4579 – WordPress Content Security Plugin Stored Cross-Site Scripting

May 15, 2025

CVE ID : CVE-2025-4579

Published : May 15, 2025, 2:15 a.m. | 52 minutes ago

Description : The WP Content Security Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blocked-uri and effective-directive parameters in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 7.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3917 – “Baidu Station SEO Plugin Arbitrary File Upload Vulnerability”

Next Article CVE-2025-47783 – Label Studio Cross-Site Scripting (XSS)

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

DistroWatch Weekly, Issue 1128

Your Slack app is getting a big upgrade – here’s how to try the new AI features

How Code Feedback MCP Enhances AI-Generated Code Quality

How Code Feedback MCP Enhances AI-Generated Code Quality

PRSS Site Creator – Create Blogs and Websites from Your Desktop

Say hello to ECMAScript 2025

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

Microsoft’s Copilot+ has been here over a year and I still don’t care about it — but I do wish I had one of its features

SteelSeries’ latest wireless mouse is cheap and colorful — but is this the one to spend your money on?

Microsoft confirms Windows 11 25H2, might make Windows more stable

CVE-2025-4579 – WordPress Content Security Plugin Stored Cross-Site Scripting

It’s 2025 and almost half of you are still paying ransomware operators

CVE-2025-6218 WinRAR Directory Traversal Vulnerability

CVE-2025-48926 – TeleMessage Information Disclosure

Actionsflow automates developers’ workflows based on GitHub actions

CVE-2025-5827 – Autel MaxiCharger AC Wallbox Commercial BLE Stack-based Buffer Overflow Remote Code Execution Vulnerability

ChatGPT Spots Cancer Missed by Doctors; Woman Says It Saved Her Life

CVE-2025-5543 – TOTOLINK X2000R Cross-Site Scripting Vulnerability in Parent Controls Page

AI achieves silver-medal standard solving International Mathematical Olympiad problems

Beyond the Prompt: Finding the AI Design Tool That Actually Works for Designers

CVE-2025-50369 – PHPGurukul Medical Card Generation System CSRF Vulnerability

CVE-2025-4579 – WordPress Content Security Plugin Stored Cross-Site Scripting

Related Posts