CVE-2025-53311 – Navayan Subscribe CSRF Stored XSS

June 27, 2025

CVE ID : CVE-2025-53311

Published : June 27, 2025, 2:15 p.m. | 55 minutes ago

Description : Cross-Site Request Forgery (CSRF) vulnerability in Amol Nirmala Waman Navayan Subscribe allows Stored XSS. This issue affects Navayan Subscribe: from n/a through 1.13.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53312 – OnionBuzz Looks Awesome CSRF Stored XSS

Next Article CVE-2025-53310 – Funnnny HidePost CSRF Reflected XSS

Highlights

CVE-2025-3467 – Dify Firefox XSS Token Stealer

July 7, 2025

CVE ID : CVE-2025-3467

Published : July 7, 2025, 10:15 a.m. | 3 hours, 29 minutes ago

Description : An XSS vulnerability exists in langgenius/dify versions prior to 1.1.3, specifically affecting Firefox browsers. This vulnerability allows an attacker to obtain the administrator’s token by sending a payload in the published chat. When the administrator views the conversation content through the monitoring/log function using Firefox, the XSS vulnerability is triggered, potentially exposing sensitive token information to the attacker.

Severity: 8.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

GitHub’s CEO Thomas Dohmke steps down, triggering tighter integration of company within Microsoft

bitHuman launches SDK for creating AI avatars

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

I found a Google Maps alternative that won’t track you or drain your battery – and it’s free

I tested this new AI podcast tool to see if it can beat NotebookLM – here’s how it did

Microsoft’s new update makes your taskbar a productivity hub – here’s how

Save $50 on the OnePlus Pad 3 plus get a free gift – here’s the deal

Laravel Global Scopes: Automatic Query Filtering

Laravel Global Scopes: Automatic Query Filtering

Building MCP Servers in PHP

Filament v4 is Stable!

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

I Asked OpenAI’s New Open-Source AI Model to Complete a Children’s School Test — Is It Smarter Than a 10-Year-Old?

Madden NFL 26 Leads This Week’s Xbox Drops—But Don’t Miss These Hidden Gems

ASUS G14 Bulked Up for 2025—Still Sexy, Just a Bit Chonkier

CVE-2025-53311 – Navayan Subscribe CSRF Stored XSS

Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

WinRAR zero-day exploited in espionage attacks against high-value targets

gopher64 is an N64 emulator written in Rust

CVE-2025-6307 – Code-projects Online Shoe Store SQL Injection Vulnerability

CVE-2025-5108 – Zongzhige ShopXO ZIP File Handler Unrestricted File Upload Vulnerability

CVE-2025-0639 – GitLab CE/EE Service Availability Denial of Service

CVE-2025-3467 – Dify Firefox XSS Token Stealer

Windows 11: Microsoft is adding Ask Copilot to right-click menu, how to remove it

Apache Parquet Java Vulnerability CVE-2025-46762 Exposes Systems to Remote Code Execution Attacks

NVIDIA GeForce 580.88 Driver Focuses on Game Support and Stability Fixes

CVE-2025-53311 – Navayan Subscribe CSRF Stored XSS

Related Posts