https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 10 May 2026 04:50:11 +0000 https://vulnerability.circl.lu/sighting/d17fe76a-0231-4618-909f-957efb81a241/export {"uuid": "d17fe76a-0231-4618-909f-957efb81a241", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4564", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16461", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4564\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation via the 'delpdf' action in all versions up to, and including, 3.18. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).\n\ud83d\udccf Published: 2025-05-15T11:13:15.235Z\n\ud83d\udccf Modified: 2025-05-15T11:13:15.235Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/2927aa13-b012-41eb-93bd-38a4e5fc5455?source=cve\n2. https://plugins.trac.wordpress.org/browser/wp-ticketbai/trunk/wp-ticketbai.php#L240\n3. https://plugins.trac.wordpress.org/changeset/3292061/", "creation_timestamp": "2025-05-15T11:36:06.000000Z"} {"uuid": "d17fe76a-0231-4618-909f-957efb81a241", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4564", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16461", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4564\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation via the 'delpdf' action in all versions up to, and including, 3.18. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).\n\ud83d\udccf Published: 2025-05-15T11:13:15.235Z\n\ud83d\udccf Modified: 2025-05-15T11:13:15.235Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/2927aa13-b012-41eb-93bd-38a4e5fc5455?source=cve\n2. https://plugins.trac.wordpress.org/browser/wp-ticketbai/trunk/wp-ticketbai.php#L240\n3. https://plugins.trac.wordpress.org/changeset/3292061/", "creation_timestamp": "2025-05-15T11:36:06.000000Z"} https://vulnerability.circl.lu/sighting/d17fe76a-0231-4618-909f-957efb81a241/export Thu, 15 May 2025 11:36:06 +0000 https://vulnerability.circl.lu/sighting/267b94a5-3067-4f17-b890-3b264c138db3/export {"uuid": "267b94a5-3067-4f17-b890-3b264c138db3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4564", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp7q7r4ob62r", "content": "", "creation_timestamp": "2025-05-15T14:33:10.247528Z"} {"uuid": "267b94a5-3067-4f17-b890-3b264c138db3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4564", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp7q7r4ob62r", "content": "", "creation_timestamp": "2025-05-15T14:33:10.247528Z"} https://vulnerability.circl.lu/sighting/267b94a5-3067-4f17-b890-3b264c138db3/export Thu, 15 May 2025 14:33:10 +0000