{"vulnerability": "CVE-2025-2483", "sightings": [{"uuid": "cc9995f8-c05a-422b-b04e-93a6f2b58ea4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24836", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113998818943958722", "content": "", "creation_timestamp": "2025-02-13T21:58:52.795599Z"}, {"uuid": "cbf8fc8d-464b-457d-ba52-0a283fd27880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24830", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lh23fxcih62t", "content": "", "creation_timestamp": "2025-01-31T13:15:57.732826Z"}, {"uuid": "cf6eaca1-9fe9-487f-af8b-f9d36beaced4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24831", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lh23fzn2fq2f", "content": "", "creation_timestamp": "2025-01-31T13:16:00.350616Z"}, {"uuid": "bb4ca1f7-c6e9-493a-85c9-d06c2c5f28b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24836", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li3pnnapk62a", "content": "", "creation_timestamp": "2025-02-13T22:16:01.820551Z"}, {"uuid": "923257d5-0462-46ef-b377-0fd85c3349bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24839", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmwfurl7k62v", "content": "", "creation_timestamp": "2025-04-16T10:43:46.503422Z"}, {"uuid": "c86d7c90-f29d-446b-827e-10004b0383bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24832", "type": "seen", "source": "https://t.me/cvedetector/19096", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24832 - Acronis Backup File Overwrite Symbolic Link Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24832 \nPublished : Feb. 27, 2025, 11:15 p.m. | 31\u00a0minutes ago \nDescription : Arbitrary file overwrite during home directory recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.4.866, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892, Acronis Backup extension for Plesk (Linux) before build 1.8.7.615. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-28T01:08:09.000000Z"}, {"uuid": "b9dbc664-360d-4184-b0de-0acba5214a32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24838", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5epojx7ff2n", "content": "", "creation_timestamp": "2025-11-11T17:59:33.708141Z"}, {"uuid": "928ed72a-cf76-47e5-8d3d-f81c5cd61cf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24836", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4400", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24836\n\ud83d\udd25 CVSS Score: 7.1 (CVSS_V3)\n\ud83d\udd39 Description: With a specially crafted Python script, an attacker could send \ncontinuous startMeasurement commands over an unencrypted Bluetooth \nconnection to the affected device. This would prevent the device from \nconnecting to a clinician's app to take patient readings and ostensibly \nflood it with requests, resulting in a denial-of-service condition.\n\ud83d\udccf Published: 2025-02-14T00:30:44Z\n\ud83d\udccf Modified: 2025-02-14T00:30:44Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-24836\n2. https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-044-01\n3. https://www.qardio.com/about-us/#contact", "creation_timestamp": "2025-02-14T01:16:44.000000Z"}, {"uuid": "f9a33518-3bae-4ee0-acf7-3526cdeb98e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24830", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13176", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24830\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.\n\ud83d\udccf Published: 2025-01-31T12:43:13.267Z\n\ud83d\udccf Modified: 2025-04-24T03:55:24.177Z\n\ud83d\udd17 References:\n1. https://security-advisory.acronis.com/advisories/SEC-7829", "creation_timestamp": "2025-04-24T04:05:54.000000Z"}, {"uuid": "5f0b0cec-74b1-4ea1-9216-9af5563068d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24832", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5816", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24832\n\ud83d\udd25 CVSS Score: 4.4 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: Arbitrary file overwrite during home directory recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM (Linux) before build 1.8.4.866, Acronis Backup plugin for cPanel & WHM (Linux) before build 1.9.1.892, Acronis Backup extension for Plesk (Linux) before build 1.8.7.615.\n\ud83d\udccf Published: 2025-02-27T23:00:16.679Z\n\ud83d\udccf Modified: 2025-02-27T23:00:16.679Z\n\ud83d\udd17 References:\n1. https://security-advisory.acronis.com/advisories/SEC-7649", "creation_timestamp": "2025-02-27T23:25:37.000000Z"}, {"uuid": "dea88c55-f21d-4d95-8cf8-dd786e68d839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2483", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10040", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2483\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Gift Certificate Creator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018receip_address\u2019 parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n\ud83d\udccf Published: 2025-04-02T09:21:45.192Z\n\ud83d\udccf Modified: 2025-04-02T09:21:45.192Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/adbebe61-3adc-4ba1-8767-863dc2310cad?source=cve\n2. https://plugins.trac.wordpress.org/browser/gift-certificate-creator/trunk/giftcertificates.php#L312\n3. https://wordpress.org/plugins/gift-certificate-creator/#developers", "creation_timestamp": "2025-04-02T09:34:22.000000Z"}, {"uuid": "35e78394-62ef-40db-a961-6389a85a6e38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2483", "type": "seen", "source": "https://t.me/cvedetector/21858", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2483 - WordPress Gift Certificate Creator Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2483 \nPublished : April 2, 2025, 10:15 a.m. | 2\u00a0hours, 2\u00a0minutes ago \nDescription : The Gift Certificate Creator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018receip_address\u2019 parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T14:58:59.000000Z"}, {"uuid": "c2129df5-b72b-440e-9bfc-dc82122cb8de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24831", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13175", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24831\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.\n\ud83d\udccf Published: 2025-01-31T12:42:57.048Z\n\ud83d\udccf Modified: 2025-04-24T03:55:25.585Z\n\ud83d\udd17 References:\n1. https://security-advisory.acronis.com/advisories/SEC-6153", "creation_timestamp": "2025-04-24T04:05:52.000000Z"}, {"uuid": "7fb45e42-b5f7-4c6a-a68a-532726332f8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24831", "type": "seen", "source": "https://t.me/cvedetector/16932", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24831 - Acronis Cyber Protect Cloud Agent Windows Unquoted Search Path Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24831 \nPublished : Jan. 31, 2025, 1:15 p.m. | 34\u00a0minutes ago \nDescription : Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378. \nSeverity: 6.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T15:22:26.000000Z"}, {"uuid": "72f6a745-97be-43b6-b44c-fe69db5905df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24830", "type": "seen", "source": "https://t.me/cvedetector/16931", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24830 - Acronis Cyber Protect Cloud Agent DLL Hijacking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24830 \nPublished : Jan. 31, 2025, 1:15 p.m. | 34\u00a0minutes ago \nDescription : Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T15:22:25.000000Z"}, {"uuid": "0a584ec5-b298-435a-b0fb-136822f25e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24839", "type": "seen", "source": "https://t.me/cvedetector/23062", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24839 - Mattermost AI Bot Triggering Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24839 \nPublished : April 16, 2025, 8:15 a.m. | 1\u00a0hour, 13\u00a0minutes ago \nDescription : Mattermost versions 10.5.x <=<=<=\nSeverity: 3.1 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T11:51:00.000000Z"}, {"uuid": "dc01321c-900b-4677-8b6f-3331c66881e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24831", "type": "seen", "source": "Telegram/MSrsKiY44a3LUivFu-IGvaBKAyprVmT4LJCfYnfLsj6pZTsx", "content": "", "creation_timestamp": "2025-02-01T17:28:09.000000Z"}, {"uuid": "1cc29a8b-385e-40c7-881a-e399a86cfa0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24830", "type": "seen", "source": "Telegram/212JznRJ5Oqfv2cYC-Ao6oGxdpC8v-VlsU4G9S8sBTNn9syT", "content": "", "creation_timestamp": "2025-02-01T17:28:09.000000Z"}]}