CVE-2025-49858 – Arconix Shortcodes Cross-site Scripting (XSS)

June 17, 2025

CVE ID : CVE-2025-49858

Published : June 17, 2025, 3:15 p.m. | 3 hours, 12 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in tychesoftwares Arconix Shortcodes allows Stored XSS. This issue affects Arconix Shortcodes: from n/a through 2.1.17.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49859 – Etuel WP Views Counter Cross-Site Scripting (XSS)

Next Article CVE-2025-49857 – WPExperts.io myCred Missing Authorization Vulnerability

Representative Line: Brace Yourself

Beyond the Pilot: A Playbook for Enterprise-Scale Agentic AI

GitHub launches MCP Registry to provide central location for trusted servers

MongoDB brings Search and Vector Search to self-managed versions of database

Distribution Release: Security Onion 2.4.180

Distribution Release: Omarchy 3.0.1

Distribution Release: Mauna Linux 25

Distribution Release: SparkyLinux 2025.09

AI Momentum and Perficient’s Inclusion in Analyst Reports – Highlights From 2025 So Far

AI Momentum and Perficient’s Inclusion in Analyst Reports – Highlights From 2025 So Far

Shopping Portal using Python Django & MySQL

Perficient Earns Adobe’s Real-time CDP Specialization

Valve Survey Reveals Slight Retreat in Steam-on-Linux Share

Valve Survey Reveals Slight Retreat in Steam-on-Linux Share

Review: Elecrow’s All-in-one Starter Kit for Pico 2

FOSS Weekly #25.38: GNOME 49 Release, KDE Drama, sudo vs sudo-rs, Local AI on Android and More Linux Stuff

CVE-2025-49858 – Arconix Shortcodes Cross-site Scripting (XSS)

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-49000 – InvenTree Label-Sheet Plugin Denial of Service Vulnerability

CVE-2025-6658 – PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

These are the AI features our EIC uses to maximize his time

CVE-2025-36852 – Amazon S3/Google Cloud Storage Remote Cache Artifact Injection Vulnerability

CVE-2025-48414 – Apache Web Interface Unauthenticated Script Execution Vulnerability

CryptoFortress mimics TorrentLocker but is a different ransomware

Windows 7 running natively on a Steam Deck is an affront to science — this tinkerer has Microsoft’s OS booting in portrait mode

LWiAI Podcast #210 – Claude 4, Google I/O 2025, Gemini Diffusion

CVE-2025-49858 – Arconix Shortcodes Cross-site Scripting (XSS)

Related Posts