{"vulnerability": "CVE-2025-2780", "sightings": [{"uuid": "173f03f4-7f92-450b-a04d-4371e65611f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27802", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3luzouzylrn2b", "content": "", "creation_timestamp": "2025-07-28T13:24:28.028541Z"}, {"uuid": "aeef060d-c342-468c-b157-24dfe018d2a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27809", "type": "seen", "source": "https://mastodon.social/users/bagder/statuses/114219552888158695", "content": "", "creation_timestamp": "2025-03-24T21:34:31.078026Z"}, {"uuid": "a63147b4-62b7-474a-aee1-56401454379c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27809", "type": "seen", "source": "https://bsky.app/profile/bagder.mastodon.social.ap.brid.gy/post/3ll5pjgxeyoe2", "content": "", "creation_timestamp": "2025-03-24T22:24:35.402416Z"}, {"uuid": "30b4b55a-2e4c-4cd6-a71b-0c234aad294d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27809", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll6va2fupl26", "content": "", "creation_timestamp": "2025-03-25T08:49:26.336713Z"}, {"uuid": "c33bd84d-6a1a-4acb-98e5-964d8aae58a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2780", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llxxalf7r72r", "content": "", "creation_timestamp": "2025-04-04T08:02:01.977638Z"}, {"uuid": "33e0a6c4-8a20-4dce-8711-d8aed9949f82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2780", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llxzf3vrr42r", "content": "", "creation_timestamp": "2025-04-04T08:40:20.267176Z"}, {"uuid": "70074a2a-61f6-4fef-a532-3753cc81c707", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2780", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114279062248412727", "content": "", "creation_timestamp": "2025-04-04T09:48:28.165153Z"}, {"uuid": "2568de79-21be-498d-9697-bcdafc6806b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2780", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114279062248412727", "content": "", "creation_timestamp": "2025-04-04T09:48:28.167882Z"}, {"uuid": "5910c270-8f03-4a69-9f1d-3884fbf8fafb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27801", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3luzp3qwjvb2h", "content": "", "creation_timestamp": "2025-07-28T13:28:13.488593Z"}, {"uuid": "542080b6-8528-43f7-a182-0eabb4807eb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27800", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3luzpmfm5nu2q", "content": "", "creation_timestamp": "2025-07-28T13:37:32.181404Z"}, {"uuid": "e9ca142c-ba7b-4fcd-9ebc-25d477522b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27807", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mbpdmbq3a32e", "content": "", "creation_timestamp": "2026-01-05T21:03:36.671934Z"}, {"uuid": "caa68029-7810-45a4-b315-ecb19be1f587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27807", "type": "seen", "source": "https://bsky.app/profile/mdgtech.substack.com/post/3mbrjxae4qs2e", "content": "", "creation_timestamp": "2026-01-06T18:02:26.806591Z"}, {"uuid": "15bfba27-f5dc-420d-bef1-8887e981c658", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27807", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mbsjmxeuvo2u", "content": "", "creation_timestamp": "2026-01-07T03:29:22.069685Z"}, {"uuid": "11aab61b-2c8f-4ae1-951e-d1c880f3cc48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2780", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10413", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2780\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Woffice Core plugin for WordPress, used by the Woffice Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'saveFeaturedImage' function in all versions up to, and including, 5.4.21. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.\n\ud83d\udccf Published: 2025-04-04T07:00:13.886Z\n\ud83d\udccf Modified: 2025-04-04T07:00:13.886Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/7d057ac6-a341-4ec3-956c-2a2a5636155c?source=cve\n2. http://localhost:1337/wp-content/plugins/woffice-core/extensions/woffice-event/class-fw-extension-woffice-event.php#L1235\n3. https://hub.woffice.io/woffice/changelog#april-1st-2025-version-5422", "creation_timestamp": "2025-04-04T07:36:06.000000Z"}, {"uuid": "683b0a2e-0275-411b-8d25-fe4ee77dc08b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27804", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17107", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27804\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Several OS command injection vulnerabilities exist in the device firmware in the /var/salia/mqtt.php script. By publishing a specially crafted message to a certain MQTT topic arbitrary OS commands can be executed with root permissions.\n\ud83d\udccf Published: 2025-05-21T11:35:11.940Z\n\ud83d\udccf Modified: 2025-05-21T11:35:11.940Z\n\ud83d\udd17 References:\n1. https://r.sec-consult.com/echarge", "creation_timestamp": "2025-05-21T11:46:16.000000Z"}, {"uuid": "fe6d4523-f9b5-4065-981a-908b3af89d42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2780", "type": "seen", "source": "https://t.me/cvedetector/22090", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2780 - Woffice Core WordPress Remote File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2780 \nPublished : April 4, 2025, 7:15 a.m. | 39\u00a0minutes ago \nDescription : The Woffice Core plugin for WordPress, used by the Woffice Theme, is vulnerable to arbitrary file uploads due to missing file type validation in the 'saveFeaturedImage' function in all versions up to, and including, 5.4.21. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T10:29:24.000000Z"}, {"uuid": "0e9e55c3-a7cd-442f-93ff-b954cbee02d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-27809", "type": "seen", "source": "https://t.me/cvedetector/21063", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27809 - Mbed TLS Certificate Trust Hostname Forgery\", \n  \"Content\": \"CVE ID : CVE-2025-27809 \nPublished : March 25, 2025, 6:15 a.m. | 1\u00a0hour, 32\u00a0minutes ago \nDescription : Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T09:27:40.000000Z"}]}