Close Menu
    DevStackTipsDevStackTips
    • Home
    • News & Updates
      1. Tech & Work
      2. View All

      UX Job Interview Helpers

      August 5, 2025

      .NET Aspire’s CLI reaches general availability in 9.4 release

      August 5, 2025

      15 Essential Skills to Look for When Hiring Node.js Developers for Enterprise Projects (2025-2026)

      August 4, 2025

      African training program creates developers with cloud-native skills

      August 4, 2025

      Why I’ll keep the Samsung Z Fold 7 over the Pixel 10 Pro Fold – especially if these rumors are true

      August 5, 2025

      You may soon get Starlink internet for a much lower ‘Community’ price – here’s how

      August 5, 2025

      uBlock Origin Lite has finally arrived for Safari – with one important caveat

      August 5, 2025

      Perplexity says Cloudflare’s accusations of ‘stealth’ AI scraping are based on embarrassing errors

      August 5, 2025
    • Development
      1. Algorithms & Data Structures
      2. Artificial Intelligence
      3. Back-End Development
      4. Databases
      5. Front-End Development
      6. Libraries & Frameworks
      7. Machine Learning
      8. Security
      9. Software Engineering
      10. Tools & IDEs
      11. Web Design
      12. Web Development
      13. Web Security
      14. Programming Languages
        • PHP
        • JavaScript
      Featured

      Send Notifications in Laravel with Firebase Cloud Messaging and Notifire

      August 5, 2025
      Recent

      Send Notifications in Laravel with Firebase Cloud Messaging and Notifire

      August 5, 2025

      Simplified Batch Job Creation with Laravel’s Enhanced Artisan Command

      August 5, 2025

      Send Notifications in Laravel with Firebase Cloud Messaging and Notifire

      August 5, 2025
    • Operating Systems
      1. Windows
      2. Linux
      3. macOS
      Featured

      This comfy mesh office chair I’ve been testing costs less than $400 — but there’s a worthy alternative that’s far more affordable

      August 5, 2025
      Recent

      This comfy mesh office chair I’ve been testing costs less than $400 — but there’s a worthy alternative that’s far more affordable

      August 5, 2025

      How to get started with Markdown in the Notepad app for Windows 11

      August 5, 2025

      Microsoft Account Lockout: LibreOffice Developer’s Week-Long Nightmare Raises Concerns

      August 5, 2025
    • Learning Resources
      • Books
      • Cheatsheets
      • Tutorials & Guides
    Home»Security»Common Vulnerabilities and Exposures (CVEs)»CVE-2025-5490 – WordPress Football Pool Stored Cross-Site Scripting Vulnerability

    CVE-2025-5490 – WordPress Football Pool Stored Cross-Site Scripting Vulnerability

    June 19, 2025

    CVE ID : CVE-2025-5490

    Published : June 19, 2025, 6:15 a.m. | 4 hours, 21 minutes ago

    Description : The Football Pool plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.12.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

    Severity: 5.5 | MEDIUM

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    Source: Read More

    Facebook Twitter Reddit Email Copy Link
    Previous ArticleCVE-2025-4571 – GiveWP – Donation Plugin and Fundraising Platform Unauthenticated Data Disclosure and Modification Vulnerability
    Next Article Cisco AnyConnect VPN Server Vulnerability Let Attackers Trigger DoS Attack

    Related Posts

    Development

    SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported

    August 5, 2025
    Development

    Think Before You Download: UAE Cybersecurity Council Issues Warning on Unverified Apps

    August 5, 2025
    Leave A Reply Cancel Reply

    For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

    Continue Reading

    CVE-2025-24351 – CtrlX OS Remote Command Execution Vulnerability

    Common Vulnerabilities and Exposures (CVEs)

    moserial – serial terminal for GNOME desktop

    Linux

    Anthropic Releases Claude Opus 4 and Claude Sonnet 4: A Technical Leap in Reasoning, Coding, and AI Agent Design

    Machine Learning

    CVE-2025-49880 – CubeWP Forms Missing Authorization Vulnerability

    Common Vulnerabilities and Exposures (CVEs)

    Highlights

    CVE-2025-38168 – “ARM-NI Linux Kernel Perf PMU Unregister Vulnerability”

    July 3, 2025

    CVE ID : CVE-2025-38168

    Published : July 3, 2025, 9:15 a.m. | 2 hours, 14 minutes ago

    Description : In the Linux kernel, the following vulnerability has been resolved:

    perf: arm-ni: Unregister PMUs on probe failure

    When a resource allocation fails in one clock domain of an NI device,
    we need to properly roll back all previously registered perf PMUs in
    other clock domains of the same device.

    Otherwise, it can lead to kernel panics.

    Calling arm_ni_init+0x0/0xff8 [arm_ni] @ 2374
    arm-ni ARMHCB70:00: Failed to request PMU region 0x1f3c13000
    arm-ni ARMHCB70:00: probe with driver arm-ni failed with error -16
    list_add corruption: next->prev should be prev (fffffd01e9698a18),
    but was 0000000000000000. (next=ffff10001a0decc8).
    pstate: 6340009 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=–)
    pc : list_add_valid_or_report+0x7c/0xb8
    lr : list_add_valid_or_report+0x7c/0xb8
    Call trace:
    __list_add_valid_or_report+0x7c/0xb8
    perf_pmu_register+0x22c/0x3a0
    arm_ni_probe+0x554/0x70c [arm_ni]
    platform_probe+0x70/0xe8
    really_probe+0xc6/0x4d8
    driver_probe_device+0x48/0x170
    __driver_attach+0x8e/0x1c0
    bus_for_each_dev+0x64/0xf0
    driver_add+0x138/0x260
    bus_add_driver+0x68/0x138
    __platform_driver_register+0x2c/0x40
    arm_ni_init+0x14/0x2a [arm_ni]
    do_init_module+0x36/0x298
    —[ end trace 0000000000000000 ]—
    Kernel panic – not syncing: Oops – BUG: Fatal exception
    SMP: stopping secondary CPUs

    Severity: 0.0 | NA

    Visit the link for more details, such as CVSS details, affected products, timeline, and more…

    BSD Release: OpenBSD 7.7

    April 27, 2025

    CVE-2025-7936 – A vulnerability has been found in fuyang_lipengjun

    July 21, 2025

    It’s 2025 and almost half of you are still paying ransomware operators

    June 30, 2025
    © DevStackTips 2025. All rights reserved.
    • Contact
    • Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.