<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 09 Jul 2026 18:28:00 +0000</lastBuildDate>
    <item>
      <title>3ddc6269-24f7-45a5-a5e1-a41dc88d4cb6</title>
      <link>https://vulnerability.circl.lu/sighting/3ddc6269-24f7-45a5-a5e1-a41dc88d4cb6/export</link>
      <description>{"uuid": "3ddc6269-24f7-45a5-a5e1-a41dc88d4cb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58480", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mq6dcaeasa2p", "content": "Arbitrary file upload. No auth required. CVE-2026-58480. Blocksy Companion Pro before 2.1.47 lets any visitor execute code on your server. CVSS 9.8. No patch available yet. Disable it now. Scan: pulse-wp.com\n#WordPress #RCE #CyberSecurity", "creation_timestamp": "2026-07-09T00:00:38.608370Z"}</description>
      <content:encoded>{"uuid": "3ddc6269-24f7-45a5-a5e1-a41dc88d4cb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58480", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mq6dcaeasa2p", "content": "Arbitrary file upload. No auth required. CVE-2026-58480. Blocksy Companion Pro before 2.1.47 lets any visitor execute code on your server. CVSS 9.8. No patch available yet. Disable it now. Scan: pulse-wp.com\n#WordPress #RCE #CyberSecurity", "creation_timestamp": "2026-07-09T00:00:38.608370Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3ddc6269-24f7-45a5-a5e1-a41dc88d4cb6/export</guid>
      <pubDate>Thu, 09 Jul 2026 00:00:38 +0000</pubDate>
    </item>
    <item>
      <title>cf7a9d5b-9b12-459c-936d-f6c7f8996fcc</title>
      <link>https://vulnerability.circl.lu/sighting/cf7a9d5b-9b12-459c-936d-f6c7f8996fcc/export</link>
      <description>{"uuid": "cf7a9d5b-9b12-459c-936d-f6c7f8996fcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58480", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq5ka65ce62t", "content": "CVE-2026-58480 - Blocksy Companion Pro\nCVE ID : CVE-2026-58480\n \n Published : July 8, 2026, 2:17 p.m. | 42\u00a0minutes ago\n \n Description : Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that allows attacker...", "creation_timestamp": "2026-07-08T16:32:06.805787Z"}</description>
      <content:encoded>{"uuid": "cf7a9d5b-9b12-459c-936d-f6c7f8996fcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58480", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq5ka65ce62t", "content": "CVE-2026-58480 - Blocksy Companion Pro\nCVE ID : CVE-2026-58480\n \n Published : July 8, 2026, 2:17 p.m. | 42\u00a0minutes ago\n \n Description : Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that allows attacker...", "creation_timestamp": "2026-07-08T16:32:06.805787Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/cf7a9d5b-9b12-459c-936d-f6c7f8996fcc/export</guid>
      <pubDate>Wed, 08 Jul 2026 16:32:06 +0000</pubDate>
    </item>
    <item>
      <title>0ce95557-d6a1-4ffb-8f81-3ef07663f741</title>
      <link>https://vulnerability.circl.lu/sighting/0ce95557-d6a1-4ffb-8f81-3ef07663f741/export</link>
      <description>{"uuid": "0ce95557-d6a1-4ffb-8f81-3ef07663f741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58480", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mq5e5errax26", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-58480](https://patchstack.com/database/wordpress/plugin/blocksy-companion/vulnerability...\nhttps://patchstack.com/database/wordpress/plugin/blocksy-companion/vulnerability/wordpress-blocksy-companion-plugin-2-1-46-unauthenticated-arbitrary-file-upload-vuln", "creation_timestamp": "2026-07-08T14:43:09.575692Z"}</description>
      <content:encoded>{"uuid": "0ce95557-d6a1-4ffb-8f81-3ef07663f741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58480", "type": "seen", "source": "https://bsky.app/profile/malwareobserver.bsky.social/post/3mq5e5errax26", "content": "\ud83d\udc1b VULNERABILITIES CVE Notify: \ud83d\udea8 [CVE-2026-58480](https://patchstack.com/database/wordpress/plugin/blocksy-companion/vulnerability...\nhttps://patchstack.com/database/wordpress/plugin/blocksy-companion/vulnerability/wordpress-blocksy-companion-plugin-2-1-46-unauthenticated-arbitrary-file-upload-vuln", "creation_timestamp": "2026-07-08T14:43:09.575692Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0ce95557-d6a1-4ffb-8f81-3ef07663f741/export</guid>
      <pubDate>Wed, 08 Jul 2026 14:43:09 +0000</pubDate>
    </item>
    <item>
      <title>33c4fe6c-de5b-492d-9279-c7a9e21cc6da</title>
      <link>https://vulnerability.circl.lu/sighting/33c4fe6c-de5b-492d-9279-c7a9e21cc6da/export</link>
      <description>{"uuid": "33c4fe6c-de5b-492d-9279-c7a9e21cc6da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58480", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq5cftox272w", "content": "CVE-2026-58480 - blocksy companion\nThe Blocksy Companion Pro plugin for WordPress is affected if it's version is less than 2.1.47. Attackers can upload malicious files, such as executable\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#blocksycompanion #creativethemes #CVE #infosec", "creation_timestamp": "2026-07-08T14:12:06.516593Z"}</description>
      <content:encoded>{"uuid": "33c4fe6c-de5b-492d-9279-c7a9e21cc6da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-58480", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq5cftox272w", "content": "CVE-2026-58480 - blocksy companion\nThe Blocksy Companion Pro plugin for WordPress is affected if it's version is less than 2.1.47. Attackers can upload malicious files, such as executable\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#blocksycompanion #creativethemes #CVE #infosec", "creation_timestamp": "2026-07-08T14:12:06.516593Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/33c4fe6c-de5b-492d-9279-c7a9e21cc6da/export</guid>
      <pubDate>Wed, 08 Jul 2026 14:12:06 +0000</pubDate>
    </item>
    <item>
      <title>d049ebfd-9b3e-40ea-97a8-d9e0c1d2f266</title>
      <link>https://vulnerability.circl.lu/sighting/d049ebfd-9b3e-40ea-97a8-d9e0c1d2f266/export</link>
      <description>{"uuid": "d049ebfd-9b3e-40ea-97a8-d9e0c1d2f266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-58480", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq5a3kmqpd2j", "content": "Blocksy Companion Pro for WordPress has a CRITICAL file upload vulnerability (CVE-2026-58480). Unauthenticated attackers can achieve RCE \u2014 update immediately if possible. https://radar.offseq.com/threat/cve-2026-58480-unrestricted-upload-of-file-with-da-329cbb8c3408e021 #OffSeq #WordPress #CVE202...", "creation_timestamp": "2026-07-08T13:30:34.392225Z"}</description>
      <content:encoded>{"uuid": "d049ebfd-9b3e-40ea-97a8-d9e0c1d2f266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-58480", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mq5a3kmqpd2j", "content": "Blocksy Companion Pro for WordPress has a CRITICAL file upload vulnerability (CVE-2026-58480). Unauthenticated attackers can achieve RCE \u2014 update immediately if possible. https://radar.offseq.com/threat/cve-2026-58480-unrestricted-upload-of-file-with-da-329cbb8c3408e021 #OffSeq #WordPress #CVE202...", "creation_timestamp": "2026-07-08T13:30:34.392225Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d049ebfd-9b3e-40ea-97a8-d9e0c1d2f266/export</guid>
      <pubDate>Wed, 08 Jul 2026 13:30:34 +0000</pubDate>
    </item>
    <item>
      <title>823e80ec-c2ea-42cb-b4e7-59ca5e990fb6</title>
      <link>https://vulnerability.circl.lu/sighting/823e80ec-c2ea-42cb-b4e7-59ca5e990fb6/export</link>
      <description>{"uuid": "823e80ec-c2ea-42cb-b4e7-59ca5e990fb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-58480", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116884598388668562", "content": "Blocksy Companion Pro &amp;lt;2.1.47 has a CRITICAL unauthenticated file upload flaw (CVE-2026-58480). Attackers can bypass extension checks and achieve remote code execution via crafted filenames. Patch ASAP. https://radar.offseq.com/threat/cve-2026-58480-unrestricted-upload-of-file-with-da-329cbb8c3408e021 #OffSeq #CVE202658480 #WordPress #Vuln", "creation_timestamp": "2026-07-08T13:30:32.375874Z"}</description>
      <content:encoded>{"uuid": "823e80ec-c2ea-42cb-b4e7-59ca5e990fb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-58480", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116884598388668562", "content": "Blocksy Companion Pro &amp;lt;2.1.47 has a CRITICAL unauthenticated file upload flaw (CVE-2026-58480). Attackers can bypass extension checks and achieve remote code execution via crafted filenames. Patch ASAP. https://radar.offseq.com/threat/cve-2026-58480-unrestricted-upload-of-file-with-da-329cbb8c3408e021 #OffSeq #CVE202658480 #WordPress #Vuln", "creation_timestamp": "2026-07-08T13:30:32.375874Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/823e80ec-c2ea-42cb-b4e7-59ca5e990fb6/export</guid>
      <pubDate>Wed, 08 Jul 2026 13:30:32 +0000</pubDate>
    </item>
  </channel>
</rss>
