<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-11T12:58:01.273869+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/783e6cdf-410a-41d5-b543-ee9fe6917dd8/export</id>
    <title>783e6cdf-410a-41d5-b543-ee9fe6917dd8</title>
    <updated>2026-07-11T12:58:01.295218+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "783e6cdf-410a-41d5-b543-ee9fe6917dd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7655", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mqefrfptk52d", "content": "\ud83d\udfe0 CVE-2026-7655 - High (8.1)\n\nThe SureCart plugin for WordPress is vulnerable to privilege escalation via account takeover in v...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-7655/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-07-11T10:00:53.941705Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/783e6cdf-410a-41d5-b543-ee9fe6917dd8/export"/>
    <published>2026-07-11T10:00:53.941705+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6b392ca5-d3a7-487e-af89-4a7e8ea350f0/export</id>
    <title>6b392ca5-d3a7-487e-af89-4a7e8ea350f0</title>
    <updated>2026-07-11T12:58:01.297998+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6b392ca5-d3a7-487e-af89-4a7e8ea350f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7655", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqe5xdiwcq2k", "content": "CVE-2026-7655 - SureCart\nCVE ID : CVE-2026-7655\n \n Published : July 11, 2026, 6:16 a.m. | 1\u00a0hour, 7\u00a0minutes ago\n \n Description : The SureCart plugin for WordPress is vulnerable to privilege escalation via account takeover in versions up to, and including, 4.2.3. This is due to...", "creation_timestamp": "2026-07-11T07:41:06.474811Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6b392ca5-d3a7-487e-af89-4a7e8ea350f0/export"/>
    <published>2026-07-11T07:41:06.474811+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4bdfa11c-a209-4ae4-9eb4-84fac3fc35b7/export</id>
    <title>4bdfa11c-a209-4ae4-9eb4-84fac3fc35b7</title>
    <updated>2026-07-11T12:58:01.298319+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4bdfa11c-a209-4ae4-9eb4-84fac3fc35b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7655", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mqe22ueiod22", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-7655 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 SureCart \u0434\u043b\u044f WordPress: \u0443\u0433\u0440\u043e\u0437\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439\n\n\n\nhttps://kripta.biz/posts/A8C70316-F80B-4D3B-99E2-6B9CA2ABF470", "creation_timestamp": "2026-07-11T06:31:25.825130Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4bdfa11c-a209-4ae4-9eb4-84fac3fc35b7/export"/>
    <published>2026-07-11T06:31:25.825130+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9e278277-e157-4007-8694-b207c9090518/export</id>
    <title>9e278277-e157-4007-8694-b207c9090518</title>
    <updated>2026-07-11T12:58:01.298438+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9e278277-e157-4007-8694-b207c9090518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-7655", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mqdydvch3z2d", "content": "SureCart \u22644.2.3 (WordPress): HIGH severity vuln (CVE-2026-7655) lets attackers hijack accounts via weak identity checks in webhook sync. Restrict webhook access &amp;amp; monitor updates until patch confirmed. https://radar.offseq.com/threat/cve-2026-7655-cwe-640-weak-password-recovery-mecha-a10bd5499dce...", "creation_timestamp": "2026-07-11T06:00:42.077008Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9e278277-e157-4007-8694-b207c9090518/export"/>
    <published>2026-07-11T06:00:42.077008+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4a108d7d-fc2e-4ed9-aa06-ca719533b338/export</id>
    <title>4a108d7d-fc2e-4ed9-aa06-ca719533b338</title>
    <updated>2026-07-11T12:58:01.298504+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4a108d7d-fc2e-4ed9-aa06-ca719533b338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-7655", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116899815763339331", "content": "CVE-2026-7655 | HIGH severity in SureCart WordPress plugin (\u22644.2.3): Unauthenticated attackers can hijack accounts, including admins, by exploiting weak email validation in webhook sync. Restrict webhook access, monitor activity. https://radar.offseq.com/threat/cve-2026-7655-cwe-640-weak-password-recovery-mecha-a10bd5499dcec0f1 #OffSeq #WordPress #Infosec #Vuln", "creation_timestamp": "2026-07-11T06:00:32.044347Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4a108d7d-fc2e-4ed9-aa06-ca719533b338/export"/>
    <published>2026-07-11T06:00:32.044347+00:00</published>
  </entry>
</feed>
