CVE-2025-52782 – King Rayhan Scroll UP Cross-site Scripting Vulnerability

June 20, 2025

CVE ID : CVE-2025-52782

Published : June 20, 2025, 3:15 p.m. | 2 hours, 9 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in King Rayhan Scroll UP allows Reflected XSS. This issue affects Scroll UP: from n/a through 2.0.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52783 – WooCommerce Change Cart Button Colors CSRF Stored XSS

Next Article CVE-2025-52781 – Beee TinyNav CSRF Stored XSS

Highlights

CVE-2025-3906 – Eduzz WooCommerce Unauthorized Data Modification Vulnerability

April 26, 2025

CVE ID : CVE-2025-3906

Published : April 26, 2025, 6:15 a.m. | 1 hour, 15 minutes ago

Description : The Integração entre Eduzz e Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘wep_opcoes’ function in all versions up to, and including, 1.7.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to edit the default registration role within the plugin’s registration flow to Administrator, which allows any user to create an Administrator account.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

A Step-by-Step Implementation Tutorial for Building Modular AI Workflows Using Anthropic’s Claude Sonnet 3.7 through API and LangGraph

May 21, 2025

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

July 24, 2025

DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics

May 1, 2025

Automating Design Systems: Tips And Resources For Getting Started

OpenAI releases two open weight reasoning models

Accelerate tool adoption with a developer experimentation framework

UX Job Interview Helpers

Yes, you can edit video like a pro on Linux – here are my 4 go-to apps

I tried Perplexity’s new reservation feature, and it surprised me with new dining spots to try

Your Samsung TV is getting a huge feature upgrade – 3 AI tools launching right now

This multi-card reader is one of the best investments I’ve made for my creative workflow

Fluent Object Operations with Laravel’s Enhanced Helper Utilities

Fluent Object Operations with Laravel’s Enhanced Helper Utilities

Record and Replay Requests With Laravel ChronoTrace

How to Write Media Queries in Optimizely Configured Commerce (Spire)

Battlefield 6 Developers Confirm AI Bots Will Auto-fill Servers If Player Count Drops

Battlefield 6 Developers Confirm AI Bots Will Auto-fill Servers If Player Count Drops

Canon imageFORMULA R40 Driver for Windows 11, 10 (Download)

Microsoft to End Support for Visual Studio 2015 This October

CVE-2025-52782 – King Rayhan Scroll UP Cross-site Scripting Vulnerability

ESET Threat Report H1 2025: ClickFix, infostealer disruptions, and ransomware deathmatch

CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidence

Top Hosting Platforms for Indie Hackers

CVE-2025-43845 – VITS Voice Changing Framework Remote Code Injection Vulnerability

One of the best PowerToys features just got even better — and it puts Windows Search to shame

Australia Adopts Global OT Cybersecurity Standards to Secure Energy, Water, and Smart Infrastructure

CVE-2025-3906 – Eduzz WooCommerce Unauthorized Data Modification Vulnerability

A Step-by-Step Implementation Tutorial for Building Modular AI Workflows Using Anthropic’s Claude Sonnet 3.7 through API and LangGraph

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics

CVE-2025-52782 – King Rayhan Scroll UP Cross-site Scripting Vulnerability

Related Posts