<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-01T17:49:59.780187+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1149bff3-96ca-4de0-a11d-34b1903737b1/export</id>
    <title>1149bff3-96ca-4de0-a11d-34b1903737b1</title>
    <updated>2026-07-01T17:49:59.801881+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1149bff3-96ca-4de0-a11d-34b1903737b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12114", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mpj3mcrhki26", "content": "CVE-2026-12114 team-showcase-supreme (CVSS Score 4.4) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-06-30T13:17:12.698675Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1149bff3-96ca-4de0-a11d-34b1903737b1/export"/>
    <published>2026-06-30T13:17:12.698675+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c2472e90-6b27-40f5-9c55-874141077f51/export</id>
    <title>c2472e90-6b27-40f5-9c55-874141077f51</title>
    <updated>2026-07-01T17:49:59.804405+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c2472e90-6b27-40f5-9c55-874141077f51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-12114", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpicx2mqwf2h", "content": "CVE-2026-12114 - Team Members\nCVE ID : CVE-2026-12114\n \n Published : June 30, 2026, 2:30 a.m. | 3\u00a0hours, 15\u00a0minutes ago\n \n Description : The Team Members \u2013 Multi Language Supported Team Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings...", "creation_timestamp": "2026-06-30T05:55:49.303395Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c2472e90-6b27-40f5-9c55-874141077f51/export"/>
    <published>2026-06-30T05:55:49.303395+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/16f1e044-e0f9-4449-9d43-9c2faa21bc02/export</id>
    <title>16f1e044-e0f9-4449-9d43-9c2faa21bc02</title>
    <updated>2026-07-01T17:49:59.804542+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "16f1e044-e0f9-4449-9d43-9c2faa21bc02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12114", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116837176228934766", "content": "CVE-2026-12114: Stored XSS in wpmart Team Members plugin &amp;lt;=8.7 (WordPress). MEDIUM severity. Admins on multi-site or with unfiltered_html disabled can inject scripts. Restrict trusted admin access, monitor for patches. https://radar.offseq.com/threat/cve-2026-12114-cwe-79-improper-neutralization-of-i-07f3bfb7aa84d417 #OffSeq #WordPress #XSS", "creation_timestamp": "2026-06-30T04:30:33.913324Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/16f1e044-e0f9-4449-9d43-9c2faa21bc02/export"/>
    <published>2026-06-30T04:30:33.913324+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f8e3d6d4-36b2-4d84-a3c7-df8e042c920b/export</id>
    <title>f8e3d6d4-36b2-4d84-a3c7-df8e042c920b</title>
    <updated>2026-07-01T17:49:59.804655+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f8e3d6d4-36b2-4d84-a3c7-df8e042c920b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-12114", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mpi66hflyi2e", "content": "wpmart Team Members plugin &amp;lt;=8.7 has a MEDIUM severity stored XSS (CVE-2026-12114). Admins on specific WordPress setups can inject scripts. Limit admin access and monitor for fixes. https://radar.offseq.com/threat/cve-2026-12114-cwe-79-improper-neutralization-of-i-07f3bfb7aa84d417 #OffSeq #WordPr...", "creation_timestamp": "2026-06-30T04:30:29.455791Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f8e3d6d4-36b2-4d84-a3c7-df8e042c920b/export"/>
    <published>2026-06-30T04:30:29.455791+00:00</published>
  </entry>
</feed>
