https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 08 May 2026 03:17:18 +0000 https://vulnerability.circl.lu/sighting/527e5584-4c02-4fea-ac5a-c06d5dba38f1/export {"uuid": "527e5584-4c02-4fea-ac5a-c06d5dba38f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30971", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114261604036599875", "content": "", "creation_timestamp": "2025-04-01T07:48:34.778735Z"} {"uuid": "527e5584-4c02-4fea-ac5a-c06d5dba38f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30971", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114261604036599875", "content": "", "creation_timestamp": "2025-04-01T07:48:34.778735Z"} https://vulnerability.circl.lu/sighting/527e5584-4c02-4fea-ac5a-c06d5dba38f1/export Tue, 01 Apr 2025 07:48:34 +0000 https://vulnerability.circl.lu/sighting/65348722-3d2d-4deb-a224-fc353f7a398e/export {"uuid": "65348722-3d2d-4deb-a224-fc353f7a398e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30971", "type": "seen", "source": "https://t.me/cvedetector/21728", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30971 - Xavi Ivars XV Random Quotes SQL Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-30971 \nPublished : April 1, 2025, 6:15 a.m. | 1\u00a0hour, 5\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xavi Ivars XV Random Quotes allows SQL Injection. This issue affects XV Random Quotes: from n/a through 1.40. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"01 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T09:26:48.000000Z"} {"uuid": "65348722-3d2d-4deb-a224-fc353f7a398e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30971", "type": "seen", "source": "https://t.me/cvedetector/21728", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30971 - Xavi Ivars XV Random Quotes SQL Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-30971 \nPublished : April 1, 2025, 6:15 a.m. | 1\u00a0hour, 5\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xavi Ivars XV Random Quotes allows SQL Injection. This issue affects XV Random Quotes: from n/a through 1.40. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"01 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T09:26:48.000000Z"} https://vulnerability.circl.lu/sighting/65348722-3d2d-4deb-a224-fc353f7a398e/export Tue, 01 Apr 2025 09:26:48 +0000 https://vulnerability.circl.lu/sighting/a3e7eebe-e2b2-43b8-bd07-a41eee876b8a/export {"uuid": "a3e7eebe-e2b2-43b8-bd07-a41eee876b8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3097", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10038", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3097\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The wp Time Machine plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.0. This is due to missing or incorrect nonce validation on the 'wpTimeMachineCore.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-04-02T09:21:45.939Z\n\ud83d\udccf Modified: 2025-04-02T09:21:45.939Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/f44fdbb2-abb8-488f-bdc0-ec6eea93d92a?source=cve\n2. https://plugins.trac.wordpress.org/browser/wp-time-machine/trunk/includes/wpTimeMachineCore.php#L86\n3. https://wordpress.org/plugins/wp-time-machine/", "creation_timestamp": "2025-04-02T09:34:20.000000Z"} {"uuid": "a3e7eebe-e2b2-43b8-bd07-a41eee876b8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3097", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10038", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3097\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The wp Time Machine plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.0. This is due to missing or incorrect nonce validation on the 'wpTimeMachineCore.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-04-02T09:21:45.939Z\n\ud83d\udccf Modified: 2025-04-02T09:21:45.939Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/f44fdbb2-abb8-488f-bdc0-ec6eea93d92a?source=cve\n2. https://plugins.trac.wordpress.org/browser/wp-time-machine/trunk/includes/wpTimeMachineCore.php#L86\n3. https://wordpress.org/plugins/wp-time-machine/", "creation_timestamp": "2025-04-02T09:34:20.000000Z"} https://vulnerability.circl.lu/sighting/a3e7eebe-e2b2-43b8-bd07-a41eee876b8a/export Wed, 02 Apr 2025 09:34:20 +0000 https://vulnerability.circl.lu/sighting/2ac06575-4cd2-45d5-83b0-b56d514bcdf4/export {"uuid": "2ac06575-4cd2-45d5-83b0-b56d514bcdf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3097", "type": "seen", "source": "https://t.me/cvedetector/21861", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-3097 - WordPress Time Machine CSRF\", \n \"Content\": \"CVE ID : CVE-2025-3097 \nPublished : April 2, 2025, 10:15 a.m. | 2\u00a0hours, 2\u00a0minutes ago \nDescription : The wp Time Machine plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.0. This is due to missing or incorrect nonce validation on the 'wpTimeMachineCore.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"02 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T14:59:04.000000Z"} {"uuid": "2ac06575-4cd2-45d5-83b0-b56d514bcdf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3097", "type": "seen", "source": "https://t.me/cvedetector/21861", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-3097 - WordPress Time Machine CSRF\", \n \"Content\": \"CVE ID : CVE-2025-3097 \nPublished : April 2, 2025, 10:15 a.m. | 2\u00a0hours, 2\u00a0minutes ago \nDescription : The wp Time Machine plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.0. This is due to missing or incorrect nonce validation on the 'wpTimeMachineCore.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"02 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T14:59:04.000000Z"} https://vulnerability.circl.lu/sighting/2ac06575-4cd2-45d5-83b0-b56d514bcdf4/export Wed, 02 Apr 2025 14:59:04 +0000 https://vulnerability.circl.lu/sighting/1de3f677-ce1c-4fcf-a50d-22d56d7868f1/export {"uuid": "1de3f677-ce1c-4fcf-a50d-22d56d7868f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30970", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmv5o3cx5x2l", "content": "", "creation_timestamp": "2025-04-15T22:44:16.035093Z"} {"uuid": "1de3f677-ce1c-4fcf-a50d-22d56d7868f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30970", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmv5o3cx5x2l", "content": "", "creation_timestamp": "2025-04-15T22:44:16.035093Z"} https://vulnerability.circl.lu/sighting/1de3f677-ce1c-4fcf-a50d-22d56d7868f1/export Tue, 15 Apr 2025 22:44:16 +0000 https://vulnerability.circl.lu/sighting/11425a47-44ac-40d2-9511-03bbbc66bd93/export {"uuid": "11425a47-44ac-40d2-9511-03bbbc66bd93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30970", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11958", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30970\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Easy Contact allows Reflected XSS. This issue affects Easy Contact: from n/a through 0.1.2.\n\ud83d\udccf Published: 2025-04-15T21:53:14.721Z\n\ud83d\udccf Modified: 2025-04-15T21:53:14.721Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/easy-contact/vulnerability/wordpress-easy-contact-plugin-0-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-15T22:56:04.000000Z"} {"uuid": "11425a47-44ac-40d2-9511-03bbbc66bd93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30970", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11958", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30970\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Easy Contact allows Reflected XSS. This issue affects Easy Contact: from n/a through 0.1.2.\n\ud83d\udccf Published: 2025-04-15T21:53:14.721Z\n\ud83d\udccf Modified: 2025-04-15T21:53:14.721Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/easy-contact/vulnerability/wordpress-easy-contact-plugin-0-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-15T22:56:04.000000Z"} https://vulnerability.circl.lu/sighting/11425a47-44ac-40d2-9511-03bbbc66bd93/export Tue, 15 Apr 2025 22:56:04 +0000 https://vulnerability.circl.lu/sighting/b93f84e2-f27e-4585-b5ee-cba0a05abd23/export {"uuid": "b93f84e2-f27e-4585-b5ee-cba0a05abd23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30970", "type": "seen", "source": "https://t.me/cvedetector/23027", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30970 - Easy Contact Cross-Site Scripting\", \n \"Content\": \"CVE ID : CVE-2025-30970 \nPublished : April 15, 2025, 10:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Easy Contact allows Reflected XSS. This issue affects Easy Contact: from n/a through 0.1.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T01:49:00.000000Z"} {"uuid": "b93f84e2-f27e-4585-b5ee-cba0a05abd23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30970", "type": "seen", "source": "https://t.me/cvedetector/23027", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-30970 - Easy Contact Cross-Site Scripting\", \n \"Content\": \"CVE ID : CVE-2025-30970 \nPublished : April 15, 2025, 10:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Easy Contact allows Reflected XSS. This issue affects Easy Contact: from n/a through 0.1.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T01:49:00.000000Z"} https://vulnerability.circl.lu/sighting/b93f84e2-f27e-4585-b5ee-cba0a05abd23/export Wed, 16 Apr 2025 01:49:00 +0000 https://vulnerability.circl.lu/sighting/be52d604-440d-44d4-8d73-cef317580c3d/export {"uuid": "be52d604-440d-44d4-8d73-cef317580c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30972", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19711", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30972\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iamapinan Woocommerce Line Notify allows Stored XSS. This issue affects Woocommerce Line Notify: from n/a through 1.1.7.\n\ud83d\udccf Published: 2025-06-27T11:52:39.371Z\n\ud83d\udccf Modified: 2025-06-27T13:42:14.527Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/woo-line-notify/vulnerability/wordpress-woocommerce-line-notify-1-1-7-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-27T13:50:47.000000Z"} {"uuid": "be52d604-440d-44d4-8d73-cef317580c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30972", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19711", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30972\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iamapinan Woocommerce Line Notify allows Stored XSS. This issue affects Woocommerce Line Notify: from n/a through 1.1.7.\n\ud83d\udccf Published: 2025-06-27T11:52:39.371Z\n\ud83d\udccf Modified: 2025-06-27T13:42:14.527Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/woo-line-notify/vulnerability/wordpress-woocommerce-line-notify-1-1-7-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-27T13:50:47.000000Z"} https://vulnerability.circl.lu/sighting/be52d604-440d-44d4-8d73-cef317580c3d/export Fri, 27 Jun 2025 13:50:47 +0000 https://vulnerability.circl.lu/sighting/a2991555-96f7-4efa-8867-8f0b9df1f5fe/export {"uuid": "a2991555-96f7-4efa-8867-8f0b9df1f5fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30979", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lt4xqaehx72r", "content": "", "creation_timestamp": "2025-07-04T09:50:26.608828Z"} {"uuid": "a2991555-96f7-4efa-8867-8f0b9df1f5fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30979", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lt4xqaehx72r", "content": "", "creation_timestamp": "2025-07-04T09:50:26.608828Z"} https://vulnerability.circl.lu/sighting/a2991555-96f7-4efa-8867-8f0b9df1f5fe/export Fri, 04 Jul 2025 09:50:26 +0000 https://vulnerability.circl.lu/sighting/7f23cbc2-f7ad-42ae-b9b9-93b51fa84f0a/export {"uuid": "7f23cbc2-f7ad-42ae-b9b9-93b51fa84f0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30973", "type": "seen", "source": "MISP/2bceffac-02c3-4c54-a709-6e253b38ec76", "content": "", "creation_timestamp": "2025-09-09T20:56:46.000000Z"} {"uuid": "7f23cbc2-f7ad-42ae-b9b9-93b51fa84f0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30973", "type": "seen", "source": "MISP/2bceffac-02c3-4c54-a709-6e253b38ec76", "content": "", "creation_timestamp": "2025-09-09T20:56:46.000000Z"} https://vulnerability.circl.lu/sighting/7f23cbc2-f7ad-42ae-b9b9-93b51fa84f0a/export Tue, 09 Sep 2025 20:56:46 +0000