CVE-2025-49859 – Etuel WP Views Counter Cross-Site Scripting (XSS)

June 17, 2025

CVE ID : CVE-2025-49859

Published : June 17, 2025, 3:15 p.m. | 3 hours, 12 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in etruel WP Views Counter allows Stored XSS. This issue affects WP Views Counter: from n/a through 2.0.3.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49862 – Motov.net Ebook Store Cross-Site Scripting

Next Article CVE-2025-49858 – Arconix Shortcodes Cross-site Scripting (XSS)

Highlights

CVE-2025-7076 – BlackVue Dashcam 590X Configuration Handler Local File Inclusion Vulnerability

July 5, 2025

CVE ID : CVE-2025-7076

Published : July 6, 2025, 1:15 a.m. | 53 minutes ago

Description : A vulnerability was found in BlackVue Dashcam 590X up to 20250624. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.cgi of the component Configuration Handler. The manipulation leads to improper access controls. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

React.js for SaaS Platforms: How Top Development Teams Help Startups Launch Faster

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

Unplugging these 7 common household devices helped reduce my electricity bills

DistroWatch Weekly, Issue 1133

Anthropic beats OpenAI as the top LLM provider for business – and it’s not even close

I bought Samsung’s Galaxy Watch Ultra 2025 – here’s why I have buyer’s remorse

The details of TC39’s last meeting

The details of TC39’s last meeting

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

DistroWatch Weekly, Issue 1133

DistroWatch Weekly, Issue 1133

Newelle, a ‘Virtual Assistant’ for GNOME, Hits Version 1.0

Bustle – visualize D-Bus activity

CVE-2025-49859 – Etuel WP Views Counter Cross-Site Scripting (XSS)

CVE-2025-6754 – “WordPress SEO Metrics Privilege Escalation”

CVE-2025-7710 – “Brave Conversion Engine WordPress Facebook Authentication Bypass”

CVE-2025-5147 – Netcore NBR1005GPEV2, NBR200V2, B6V2 Command Injection Vulnerability

Digitale videorecorders TBK aangevallen door Mirai-botnet

CVE-2025-38347 – F2FS Inline Data Corruption Denial of Service (DoS) Vulnerability

CVE-2025-5799 – Tenda AC8 Stack-Based Buffer Overflow Vulnerability

CVE-2025-7076 – BlackVue Dashcam 590X Configuration Handler Local File Inclusion Vulnerability

Sublist3r — Sub-Domain Enumeration Tool

CVE-2025-46814 – FastAPI Guard HTTP Header Injection Vulnerability

WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews

CVE-2025-49859 – Etuel WP Views Counter Cross-Site Scripting (XSS)

Related Posts