https://vulnerability.circl.lu/sightings/feed 2026-05-31T21:49:06.252603+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/89cdbb61-5c08-407a-976b-b7e95e5f85a9/export 2026-05-31T21:49:06.496818+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "89cdbb61-5c08-407a-976b-b7e95e5f85a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32280", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llyvpxxhlo2i", "content": "", "creation_timestamp": "2025-04-04T17:07:31.311842Z"} 2025-04-04T17:07:31.311842+00:00 https://vulnerability.circl.lu/sighting/dc859ce8-fdcb-488e-8db7-ea28aab68c06/export 2026-05-31T21:49:06.496582+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "dc859ce8-fdcb-488e-8db7-ea28aab68c06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32280", "type": "seen", "source": "https://t.me/cvedetector/22156", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-32280 - WeDevs WP Project Manager CSRF\", \n \"Content\": \"CVE ID : CVE-2025-32280 \nPublished : April 4, 2025, 4:15 p.m. | 1\u00a0hour, 44\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in weDevs WP Project Manager allows Cross Site Request Forgery. This issue affects WP Project Manager: from n/a through 2.6.22. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"04 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T20:32:14.000000Z"} 2025-04-04T20:32:14+00:00 https://vulnerability.circl.lu/sighting/4edc210b-7497-4a29-9c7c-dd58fef52a1f/export 2026-05-31T21:49:06.496385+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "4edc210b-7497-4a29-9c7c-dd58fef52a1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32282", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11199", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32282\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in ShareThis ShareThis Dashboard for Google Analytics. This issue affects ShareThis Dashboard for Google Analytics: from n/a through 3.2.2.\n\ud83d\udccf Published: 2025-04-10T08:09:48.186Z\n\ud83d\udccf Modified: 2025-04-10T08:09:48.186Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/googleanalytics/vulnerability/wordpress-sharethis-dashboard-for-google-analytics-plugin-3-2-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-10T08:48:41.000000Z"} 2025-04-10T08:48:41+00:00 https://vulnerability.circl.lu/sighting/d34b42df-465f-4476-b15e-0ec9de43157a/export 2026-05-31T21:49:06.496244+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "d34b42df-465f-4476-b15e-0ec9de43157a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32282", "type": "seen", "source": "https://t.me/cvedetector/22624", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-32282 - ShareThis Dashboard for Google Analytics CSRF Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-32282 \nPublished : April 10, 2025, 8:15 a.m. | 48\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in ShareThis ShareThis Dashboard for Google Analytics. This issue affects ShareThis Dashboard for Google Analytics: from n/a through 3.2.2. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"10 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T11:10:31.000000Z"} 2025-04-10T11:10:31+00:00 https://vulnerability.circl.lu/sighting/f06c0652-d23b-46aa-925f-86ea61b6bae3/export 2026-05-31T21:49:06.495981+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "f06c0652-d23b-46aa-925f-86ea61b6bae3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32282", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmhfslytf624", "content": "", "creation_timestamp": "2025-04-10T11:32:35.244954Z"} 2025-04-10T11:32:35.244954+00:00 https://vulnerability.circl.lu/sighting/4fa3e09a-0a18-43f8-994d-819f0005ead2/export 2026-05-31T21:49:06.495833+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "4fa3e09a-0a18-43f8-994d-819f0005ead2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32287", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpcodobdes2p", "content": "", "creation_timestamp": "2025-05-16T18:37:39.670921Z"} 2025-05-16T18:37:39.670921+00:00 https://vulnerability.circl.lu/sighting/cfb27b5c-0f32-46db-905e-01a82b3b3ac4/export 2026-05-31T21:49:06.495724+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "cfb27b5c-0f32-46db-905e-01a82b3b3ac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32285", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17385", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32285\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ApusTheme Butcher allows Reflected XSS. This issue affects Butcher: from n/a through 2.40.\n\ud83d\udccf Published: 2025-05-23T12:43:59.597Z\n\ud83d\udccf Modified: 2025-05-23T13:23:27.473Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/butcher/vulnerability/wordpress-butcher-theme-2-40-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-23T14:00:07.000000Z"} 2025-05-23T14:00:07+00:00 https://vulnerability.circl.lu/sighting/98a2a3e2-4d7c-43ba-82b6-923728d0a6d1/export 2026-05-31T21:49:06.495603+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "98a2a3e2-4d7c-43ba-82b6-923728d0a6d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3228", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18958", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3228\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 fail to properly retrieve requestorInfo from playbooks handler for guest users which allows an attacker access to the playbook run.\n\ud83d\udccf Published: 2025-06-20T14:31:49.162Z\n\ud83d\udccf Modified: 2025-06-20T14:31:49.162Z\n\ud83d\udd17 References:\n1. https://mattermost.com/security-updates", "creation_timestamp": "2025-06-20T14:43:34.000000Z"} 2025-06-20T14:43:34+00:00 https://vulnerability.circl.lu/sighting/4b3e4a4a-32fe-4bb9-9e35-6cdbe34d44ed/export 2026-05-31T21:49:06.495428+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "4b3e4a4a-32fe-4bb9-9e35-6cdbe34d44ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32281", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19708", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32281\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Missing Authorization vulnerability in FocuxTheme WPKit For Elementor allows Privilege Escalation. This issue affects WPKit For Elementor: from n/a through 1.1.0.\n\ud83d\udccf Published: 2025-06-27T11:52:36.905Z\n\ud83d\udccf Modified: 2025-06-27T13:42:35.259Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wpkit-elementor/vulnerability/wordpress-wpkit-for-elementor-plugin-1-1-0-arbitrary-option-update-to-privilege-escalation-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-27T13:50:44.000000Z"} 2025-06-27T13:50:44+00:00 https://vulnerability.circl.lu/sighting/b8864dfa-90ec-4d76-890c-04dc24bd193a/export 2026-05-31T21:49:06.493066+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "b8864dfa-90ec-4d76-890c-04dc24bd193a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32280", "type": "seen", "source": "Telegram/DpyuY30DJ1pr5lpZ1TsoyLIWT-1QQs66jLQv08yWDwU2R9I", "content": "", "creation_timestamp": "2026-04-01T21:29:56.000000Z"} 2026-04-01T21:29:56+00:00