{"vulnerability": "CVE-2025-2691", "sightings": [{"uuid": "222d7cc7-4d5d-4c7f-bf0b-45de63810818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26916", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lk2nrhchuv22", "content": "", "creation_timestamp": "2025-03-10T23:00:06.204216Z"}, {"uuid": "f4e0bc2d-352d-44c1-b8c5-482b83a07a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2691", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114212767200737917", "content": "", "creation_timestamp": "2025-03-23T16:48:43.980707Z"}, {"uuid": "a8594597-3c71-4e82-b63c-1b2f63c42a15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2691", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll2tlpie6o2m", "content": "", "creation_timestamp": "2025-03-23T18:09:27.293649Z"}, {"uuid": "583243ea-295f-41cd-a2fd-1a61f1fd72c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26915", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lizfyjursj2l", "content": "", "creation_timestamp": "2025-02-25T17:43:03.679333Z"}, {"uuid": "71b4ac19-295a-4734-b8de-6f371b8d8204", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26915", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114065783890193318", "content": "", "creation_timestamp": "2025-02-25T17:48:56.301560Z"}, {"uuid": "3b3339fe-9d6a-4969-8481-06f627d620c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26916", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljzv7jqdfe2h", "content": "", "creation_timestamp": "2025-03-10T15:40:37.073417Z"}, {"uuid": "70180b04-7d8d-4765-9410-36714a262693", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26916", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lk3vyvso6n2r", "content": "", "creation_timestamp": "2025-03-11T11:00:05.681173Z"}, {"uuid": "6382c71b-f07f-48b4-a824-023fa94859fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26910", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljzv7k73ok2x", "content": "", "creation_timestamp": "2025-03-10T15:40:38.768282Z"}, {"uuid": "20250332-b68b-417d-8b50-c11395bceca1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26916", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114138952269738221", "content": "", "creation_timestamp": "2025-03-10T15:56:38.532653Z"}, {"uuid": "cedc9426-b3dd-4044-ae5e-a0744fdf2897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26916", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3ljzv6vfnc32b", "content": "", "creation_timestamp": "2025-03-10T15:40:13.407887Z"}, {"uuid": "ee55b9a6-680d-4741-9317-8dbba6ed45ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26916", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-16T01:45:14.000000Z"}, {"uuid": "17b7082b-1207-42a4-807e-be8003060b71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26916", "type": "seen", "source": "https://t.me/cvedetector/19972", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26916 - EPC Massive Dynamic PHP Remote File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-26916 \nPublished : March 10, 2025, 3:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in EPC Massive Dynamic. This issue affects Massive Dynamic: from n/a through 8.2. \nSeverity: 9.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-10T19:02:39.000000Z"}, {"uuid": "5992b379-10cc-4548-bcd6-c7c72e3c5d13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26916", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-19T04:06:32.000000Z"}, {"uuid": "76335794-0ec1-4ea4-904f-e31dfddf753c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26910", "type": "seen", "source": "https://t.me/cvedetector/19971", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26910 - Iqonic Design WPBookit CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-26910 \nPublished : March 10, 2025, 3:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design WPBookit allows Stored XSS. This issue affects WPBookit: from n/a through 1.0.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-10T19:02:38.000000Z"}, {"uuid": "65b6038d-a251-4fd2-9c18-ccc5b9d04125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26917", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6218", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26917\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WP Templata allows Reflected XSS. This issue affects WP Templata: from n/a through 1.0.7.\n\ud83d\udccf Published: 2025-03-03T13:30:41.212Z\n\ud83d\udccf Modified: 2025-03-03T13:30:41.212Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wptemplata/vulnerability/wordpress-wp-templata-plugin-1-0-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-03T14:30:16.000000Z"}, {"uuid": "8502557c-c9fd-4725-9c99-b185a0219903", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26913", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5360", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26913\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webandprint AR For WordPress allows DOM-Based XSS. This issue affects AR For WordPress: from n/a through 7.7.\n\ud83d\udccf Published: 2025-02-25T14:17:53.971Z\n\ud83d\udccf Modified: 2025-02-25T18:58:43.238Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/ar-for-wordpress/vulnerability/wordpress-ar-for-wordpress-plugin-7-7-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-02-25T19:23:54.000000Z"}, {"uuid": "0c617834-3bb4-40c6-a496-c0c4c6854bf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26912", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5359", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26912\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HashThemes Easy Elementor Addons allows Stored XSS. This issue affects Easy Elementor Addons: from n/a through 2.1.6.\n\ud83d\udccf Published: 2025-02-25T14:17:53.801Z\n\ud83d\udccf Modified: 2025-02-25T19:00:33.408Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/easy-elementor-addons/vulnerability/wordpress-easy-elementor-addons-plugin-2-1-6-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-02-25T19:23:50.000000Z"}, {"uuid": "cebccd28-b056-4b89-a5fd-51b7a9c79b14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26911", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5357", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26911\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Bowo System Dashboard allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects System Dashboard: from n/a through 2.8.18.\n\ud83d\udccf Published: 2025-02-25T14:17:53.652Z\n\ud83d\udccf Modified: 2025-02-25T19:02:15.237Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/system-dashboard/vulnerability/wordpress-system-dashboard-plugin-2-8-18-sensitive-data-exposure-vulnerability?_s_id=cve", "creation_timestamp": "2025-02-25T19:23:48.000000Z"}, {"uuid": "0502d0d3-62d8-46c9-8601-9d076e38a9cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26914", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6203", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26914\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Variable Inspector allows Reflected XSS. This issue affects Variable Inspector: from n/a through 2.6.2.\n\ud83d\udccf Published: 2025-03-03T13:30:41.066Z\n\ud83d\udccf Modified: 2025-03-03T14:19:02.805Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/variable-inspector/vulnerability/wordpress-variable-inspector-plugin-2-6-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-03T14:29:54.000000Z"}, {"uuid": "cfe38796-16ae-44bf-bfe7-e046440c0e83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26918", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6217", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26918\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology Small Package Quotes \u2013 Unishippers Edition allows Reflected XSS. This issue affects Small Package Quotes \u2013 Unishippers Edition: from n/a through 2.4.9.\n\ud83d\udccf Published: 2025-03-03T13:30:41.382Z\n\ud83d\udccf Modified: 2025-03-03T13:30:41.382Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/small-package-quotes-unishippers-edition/vulnerability/wordpress-small-package-quotes-unishippers-edition-plugin-2-4-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-03T14:30:15.000000Z"}, {"uuid": "a624ef2b-bfb4-42a7-9dc2-3d093c14f588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26910", "type": "seen", "source": "Telegram/j_xO_z5l9Q2trsNS6igwYMiUDhg4F4X1rzTMEIHgRMgtDZEK", "content": "", "creation_timestamp": "2025-03-10T19:39:06.000000Z"}, {"uuid": "47a44bd7-5373-4288-9207-16f9fe42985e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26919", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12051", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26919\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tainacan Tain\u00e1 allows Stored XSS. This issue affects Tain\u00e1: from n/a through 0.2.2.\n\ud83d\udccf Published: 2025-04-15T21:53:11.998Z\n\ud83d\udccf Modified: 2025-04-16T13:41:05.532Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/taina/vulnerability/wordpress-taina-plugin-0-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-16T13:56:08.000000Z"}, {"uuid": "4cd03d82-b02c-4f1e-a850-2fa31a081ec7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26916", "type": "seen", "source": "Telegram/HZBjUbZMPmlIQCJxncJyI_117UYR7lVI-91X3-V67rMcQiIV", "content": "", "creation_timestamp": "2025-03-10T19:39:06.000000Z"}, {"uuid": "52482f66-b27d-4151-bdce-d9cdddb576c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2691", "type": "seen", "source": "https://t.me/cvedetector/20905", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2691 - Nossrf SSRF\", \n  \"Content\": \"CVE ID : CVE-2025-2691 \nPublished : March 23, 2025, 3:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-23T18:09:23.000000Z"}]}