CVE-2025-3781 – WordPress Raisely Donation Form Stored Cross-Site Scripting Vulnerability

May 21, 2025

CVE ID : CVE-2025-3781

Published : May 21, 2025, 12:16 p.m. | 2 hours, 34 minutes ago

Description : The Raisely Donation Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s raisely_donation_form shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48413 – Apache Device Hard-Coded Root Password Backdoor

Next Article CVE-2025-3750 – WordPress Network Posts Extended Stored Cross-Site Scripting (XSS)

Highlights

CVE-2025-5859 – PHPGurukul Nipah Virus Testing Management System SQL Injection Vulnerability

June 9, 2025

CVE ID : CVE-2025-5859

Published : June 9, 2025, 4:15 a.m. | 1 hour, 24 minutes ago

Description : A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /test-details.php. The manipulation of the argument assignto leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

I found the ultimate MacBook Air alternative for Windows users – and it’s priced well

Outdated IT help desks are holding businesses back – but there is a solution

Android’s latest update can force apps into dark mode – how to see it now

I tried the Google Pixel Watch 4 – and these key features made it feel indispensable

Building Cross-Platform Alerts with Laravel’s Notification Framework

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

How to install OpenPlatform — IoT platform

Basics of Digital Forensics

Basics of Digital Forensics

Top Linux Server Automation Tools: Simplifying System Administration

Rising from the Ashes: How AlmaLinux and Rocky Linux Redefined the Post-CentOS Landscape

CVE-2025-3781 – WordPress Raisely Donation Form Stored Cross-Site Scripting Vulnerability

“What happens online stays online” and other cyberbullying myths, debunked

The need for speed: Why organizations are turning to rapid, trustworthy MDR

CVE-2025-49199 – VMware vRealize Log Insight Unauthenticated ZIP File Tampering Vulnerability

Making AI models more trustworthy for high-stakes settings

Hand TeX is a handwritten LaTeX symbol classifier

CVE-2024-55909 – IBM Concert Software Archive File DoS

CVE-2025-5859 – PHPGurukul Nipah Virus Testing Management System SQL Injection Vulnerability

Mozilla Firefox 138 introduces profile manager and more

Wacom says its new drawing tablet needs no setup and has a pen that can’t die

CVE-2025-6104 – Wifi-soft UniBox Controller Os Command Injection Vulnerability

CVE-2025-3781 – WordPress Raisely Donation Form Stored Cross-Site Scripting Vulnerability

Related Posts