CVE-2025-48080 – Uncanny Owl Uncanny Toolkit for LearnDash Stored Cross-site Scripting

May 16, 2025

CVE ID : CVE-2025-48080

Published : May 16, 2025, 4:15 p.m. | 47 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash allows Stored XSS. This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.7.0.2.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48113 – Broadstreet Stored Cross-site Scripting

Next Article CVE-2025-48112 – Karimmughal Cross-site Scripting (XSS) Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft has closed its “Experience Center” store in Sydney, Australia — as it ramps up a continued digital growth campaign

Bing Search APIs to be “decommissioned completely” as Microsoft urges developers to use its Azure agentic AI alternative

Microsoft might kill the Surface Laptop Studio as production is quietly halted

Minecraft licensing robbed us of this controversial NFL schedule release video

The power of generators

The power of generators

Simplify Factory Associations with Laravel’s UseFactory Attribute

This Week in Laravel: React Native, PhpStorm Junie, and more

Microsoft has closed its “Experience Center” store in Sydney, Australia — as it ramps up a continued digital growth campaign

Microsoft has closed its “Experience Center” store in Sydney, Australia — as it ramps up a continued digital growth campaign

Bing Search APIs to be “decommissioned completely” as Microsoft urges developers to use its Azure agentic AI alternative

Microsoft might kill the Surface Laptop Studio as production is quietly halted

CVE-2025-48080 – Uncanny Owl Uncanny Toolkit for LearnDash Stored Cross-site Scripting

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-2305 – Apache Linux Path Traversal Vulnerability

Weekly News for Designers

HyperHDR – ambient lighting implementation

Hydrogen – lightweight Matrix client

InternLM-XComposer-2.5 (IXC-2.5): A Versatile Large-Vision Language Model that Supports Long-Contextual Input and Output

Malicious Android Apps Pose as Google, Instagram, WhatsApp, to Steal Credentials

Researchers Identify Working Method to Exploit GitHub Artifacts to Hack Major Projects

Moving to Explicit Design Guidelines from Implicit Intent

The latest KB5049981 Patch Tuesday for Windows 10 causes SgrmBroker.exe to be terminated and users are quite worried about it

CVE-2025-48080 – Uncanny Owl Uncanny Toolkit for LearnDash Stored Cross-site Scripting

Related Posts