https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 02 Jun 2026 19:28:21 +0000 https://vulnerability.circl.lu/sighting/81444e83-bbb1-4eef-a4d0-a581941e4f1c/export {"uuid": "81444e83-bbb1-4eef-a4d0-a581941e4f1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30615", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll56zw2krh2e", "content": "", "creation_timestamp": "2025-03-24T16:39:36.924250Z"} {"uuid": "81444e83-bbb1-4eef-a4d0-a581941e4f1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30615", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll56zw2krh2e", "content": "", "creation_timestamp": "2025-03-24T16:39:36.924250Z"} https://vulnerability.circl.lu/sighting/81444e83-bbb1-4eef-a4d0-a581941e4f1c/export Mon, 24 Mar 2025 16:39:36 +0000 https://vulnerability.circl.lu/sighting/5aa69fb2-8a91-4999-a093-bf13fb207541/export {"uuid": "5aa69fb2-8a91-4999-a093-bf13fb207541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30615", "type": "seen", "source": "https://t.me/cvedetector/20954", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30615 - \"WP e-Commerce Style Email CSRF Code Injection\"\", \n \"Content\": \"CVE ID : CVE-2025-30615 \nPublished : March 24, 2025, 2:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Jacob Schwartz WP e-Commerce Style Email allows Code Injection. This issue affects WP e-Commerce Style Email: from n/a through 0.6.2. \nSeverity: 9.6 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T16:43:37.000000Z"} {"uuid": "5aa69fb2-8a91-4999-a093-bf13fb207541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30615", "type": "seen", "source": "https://t.me/cvedetector/20954", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30615 - \"WP e-Commerce Style Email CSRF Code Injection\"\", \n \"Content\": \"CVE ID : CVE-2025-30615 \nPublished : March 24, 2025, 2:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Jacob Schwartz WP e-Commerce Style Email allows Code Injection. This issue affects WP e-Commerce Style Email: from n/a through 0.6.2. \nSeverity: 9.6 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T16:43:37.000000Z"} https://vulnerability.circl.lu/sighting/5aa69fb2-8a91-4999-a093-bf13fb207541/export Mon, 24 Mar 2025 16:43:37 +0000 https://vulnerability.circl.lu/sighting/11b6178e-5101-4cf7-8590-10d5e8996442/export {"uuid": "11b6178e-5101-4cf7-8590-10d5e8996442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30617", "type": "seen", "source": "https://t.me/cvedetector/20955", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30617 - Takien Rewrite CSRF Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-30617 \nPublished : March 24, 2025, 2:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in takien Rewrite allows Cross Site Request Forgery. This issue affects Rewrite: from n/a through 0.2.1. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T16:43:38.000000Z"} {"uuid": "11b6178e-5101-4cf7-8590-10d5e8996442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30617", "type": "seen", "source": "https://t.me/cvedetector/20955", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30617 - Takien Rewrite CSRF Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-30617 \nPublished : March 24, 2025, 2:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in takien Rewrite allows Cross Site Request Forgery. This issue affects Rewrite: from n/a through 0.2.1. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T16:43:38.000000Z"} https://vulnerability.circl.lu/sighting/11b6178e-5101-4cf7-8590-10d5e8996442/export Mon, 24 Mar 2025 16:43:38 +0000 https://vulnerability.circl.lu/sighting/f8a2db6f-6154-462b-839e-665fcfdd9603/export {"uuid": "f8a2db6f-6154-462b-839e-665fcfdd9603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30619", "type": "seen", "source": "https://t.me/cvedetector/20956", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30619 - SpeakPipe CSRF\", \n \"Content\": \"CVE ID : CVE-2025-30619 \nPublished : March 24, 2025, 2:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in SpeakPipe SpeakPipe allows Cross Site Request Forgery. This issue affects SpeakPipe: from n/a through 0.2. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T16:43:39.000000Z"} {"uuid": "f8a2db6f-6154-462b-839e-665fcfdd9603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30619", "type": "seen", "source": "https://t.me/cvedetector/20956", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30619 - SpeakPipe CSRF\", \n \"Content\": \"CVE ID : CVE-2025-30619 \nPublished : March 24, 2025, 2:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in SpeakPipe SpeakPipe allows Cross Site Request Forgery. This issue affects SpeakPipe: from n/a through 0.2. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T16:43:39.000000Z"} https://vulnerability.circl.lu/sighting/f8a2db6f-6154-462b-839e-665fcfdd9603/export Mon, 24 Mar 2025 16:43:39 +0000 https://vulnerability.circl.lu/sighting/3c467004-1ddb-49cb-923c-36714dcd6e3d/export {"uuid": "3c467004-1ddb-49cb-923c-36714dcd6e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30610", "type": "seen", "source": "https://t.me/cvedetector/20961", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30610 - Catchsquare WP Social Widget Cross-Site Scripting\", \n \"Content\": \"CVE ID : CVE-2025-30610 \nPublished : March 24, 2025, 2:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget allows Stored XSS. This issue affects WP Social Widget: from n/a through 2.2.6. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T16:43:45.000000Z"} {"uuid": "3c467004-1ddb-49cb-923c-36714dcd6e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30610", "type": "seen", "source": "https://t.me/cvedetector/20961", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30610 - Catchsquare WP Social Widget Cross-Site Scripting\", \n \"Content\": \"CVE ID : CVE-2025-30610 \nPublished : March 24, 2025, 2:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget allows Stored XSS. This issue affects WP Social Widget: from n/a through 2.2.6. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T16:43:45.000000Z"} https://vulnerability.circl.lu/sighting/3c467004-1ddb-49cb-923c-36714dcd6e3d/export Mon, 24 Mar 2025 16:43:45 +0000 https://vulnerability.circl.lu/sighting/be05f724-a9ac-4ab5-8115-4788f8a1d7ec/export {"uuid": "be05f724-a9ac-4ab5-8115-4788f8a1d7ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30612", "type": "seen", "source": "https://t.me/cvedetector/20962", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30612 - Mandegarweb Replace Default Words CSRF Stored XSS\", \n \"Content\": \"CVE ID : CVE-2025-30612 \nPublished : March 24, 2025, 2:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in mandegarweb Replace Default Words allows Stored XSS. This issue affects Replace Default Words: from n/a through 1.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T16:43:46.000000Z"} {"uuid": "be05f724-a9ac-4ab5-8115-4788f8a1d7ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30612", "type": "seen", "source": "https://t.me/cvedetector/20962", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30612 - Mandegarweb Replace Default Words CSRF Stored XSS\", \n \"Content\": \"CVE ID : CVE-2025-30612 \nPublished : March 24, 2025, 2:15 p.m. | 1\u00a0hour, 1\u00a0minute ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in mandegarweb Replace Default Words allows Stored XSS. This issue affects Replace Default Words: from n/a through 1.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T16:43:46.000000Z"} https://vulnerability.circl.lu/sighting/be05f724-a9ac-4ab5-8115-4788f8a1d7ec/export Mon, 24 Mar 2025 16:43:46 +0000 https://vulnerability.circl.lu/sighting/8773d026-ff15-48d8-bd5c-a8fa6488f946/export {"uuid": "8773d026-ff15-48d8-bd5c-a8fa6488f946", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3061", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9778", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3061\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Vulnerability in Drupal Material Admin.This issue affects Material Admin: *.*.\n\ud83d\udccf Published: 2025-03-31T22:22:02.658Z\n\ud83d\udccf Modified: 2025-03-31T22:22:02.658Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2025-006", "creation_timestamp": "2025-03-31T22:31:18.000000Z"} {"uuid": "8773d026-ff15-48d8-bd5c-a8fa6488f946", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3061", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9778", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3061\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Vulnerability in Drupal Material Admin.This issue affects Material Admin: *.*.\n\ud83d\udccf Published: 2025-03-31T22:22:02.658Z\n\ud83d\udccf Modified: 2025-03-31T22:22:02.658Z\n\ud83d\udd17 References:\n1. https://www.drupal.org/sa-contrib-2025-006", "creation_timestamp": "2025-03-31T22:31:18.000000Z"} https://vulnerability.circl.lu/sighting/8773d026-ff15-48d8-bd5c-a8fa6488f946/export Mon, 31 Mar 2025 22:31:18 +0000 https://vulnerability.circl.lu/sighting/6ab6c5ff-0010-48be-9e9d-d79aad73cdcb/export {"uuid": "6ab6c5ff-0010-48be-9e9d-d79aad73cdcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3061", "type": "seen", "source": "https://t.me/cvedetector/21681", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-3061 - \"Drupal Material Admin Stored Cross-Site Scripting\"\", \n \"Content\": \"CVE ID : CVE-2025-3061 \nPublished : March 31, 2025, 11:15 p.m. | 1\u00a0hour, 53\u00a0minutes ago \nDescription : Vulnerability in Drupal Material Admin.This issue affects Material Admin: *.*. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"01 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T03:35:10.000000Z"} {"uuid": "6ab6c5ff-0010-48be-9e9d-d79aad73cdcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3061", "type": "seen", "source": "https://t.me/cvedetector/21681", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-3061 - \"Drupal Material Admin Stored Cross-Site Scripting\"\", \n \"Content\": \"CVE ID : CVE-2025-3061 \nPublished : March 31, 2025, 11:15 p.m. | 1\u00a0hour, 53\u00a0minutes ago \nDescription : Vulnerability in Drupal Material Admin.This issue affects Material Admin: *.*. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"01 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T03:35:10.000000Z"} https://vulnerability.circl.lu/sighting/6ab6c5ff-0010-48be-9e9d-d79aad73cdcb/export Tue, 01 Apr 2025 03:35:10 +0000 https://vulnerability.circl.lu/sighting/e852868d-07ce-430f-b357-1bc791350153/export {"uuid": "e852868d-07ce-430f-b357-1bc791350153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30613", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9878", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30613\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N-Media Nmedia MailChimp allows Stored XSS. This issue affects Nmedia MailChimp: from n/a through 5.4.\n\ud83d\udccf Published: 2025-04-01T05:31:35.525Z\n\ud83d\udccf Modified: 2025-04-01T13:24:38.842Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/nmedia-mailchimp-widget/vulnerability/wordpress-nmedia-mailchimp-5-4-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-01T13:32:19.000000Z"} {"uuid": "e852868d-07ce-430f-b357-1bc791350153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30613", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9878", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30613\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N-Media Nmedia MailChimp allows Stored XSS. This issue affects Nmedia MailChimp: from n/a through 5.4.\n\ud83d\udccf Published: 2025-04-01T05:31:35.525Z\n\ud83d\udccf Modified: 2025-04-01T13:24:38.842Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/nmedia-mailchimp-widget/vulnerability/wordpress-nmedia-mailchimp-5-4-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-01T13:32:19.000000Z"} https://vulnerability.circl.lu/sighting/e852868d-07ce-430f-b357-1bc791350153/export Tue, 01 Apr 2025 13:32:19 +0000 https://vulnerability.circl.lu/sighting/771a215a-12aa-48a7-b908-f8797a5615fa/export {"uuid": "771a215a-12aa-48a7-b908-f8797a5615fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30614", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9879", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30614\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Haozhe Xie Google Font Fix allows Reflected XSS. This issue affects Google Font Fix: from n/a through 2.3.1.\n\ud83d\udccf Published: 2025-04-01T05:31:35.680Z\n\ud83d\udccf Modified: 2025-04-01T13:23:49.162Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/google-font-fix/vulnerability/wordpress-google-font-fix-plugin-2-3-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-01T13:32:19.000000Z"} {"uuid": "771a215a-12aa-48a7-b908-f8797a5615fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30614", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9879", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30614\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Haozhe Xie Google Font Fix allows Reflected XSS. This issue affects Google Font Fix: from n/a through 2.3.1.\n\ud83d\udccf Published: 2025-04-01T05:31:35.680Z\n\ud83d\udccf Modified: 2025-04-01T13:23:49.162Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/google-font-fix/vulnerability/wordpress-google-font-fix-plugin-2-3-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-01T13:32:19.000000Z"} https://vulnerability.circl.lu/sighting/771a215a-12aa-48a7-b908-f8797a5615fa/export Tue, 01 Apr 2025 13:32:19 +0000