{"vulnerability": "CVE-2025-3102", "sightings": [{"uuid": "3c3485d4-eec9-4c1f-9cb3-ddcc70405c85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31024", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114261604075398119", "content": "", "creation_timestamp": "2025-04-01T07:48:35.148290Z"}, {"uuid": "2f1ecab6-29ad-4070-a7fd-cbf465349b69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31024", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114261604075398119", "content": "", "creation_timestamp": "2025-04-01T07:48:35.137971Z"}, {"uuid": "85db8da2-09a9-4034-904e-502b2b3b2c69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lmicgp4jay2m", "content": "", "creation_timestamp": "2025-04-10T20:04:53.542213Z"}, {"uuid": "4ed13453-f9c8-4c41-a57b-e41a0f48f683", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114312564628620572", "content": "", "creation_timestamp": "2025-04-10T07:48:31.661052Z"}, {"uuid": "48521d14-611b-442e-b757-8e553c94a0ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lmjcvq7jbv2e", "content": "", "creation_timestamp": "2025-04-11T05:45:58.275490Z"}, {"uuid": "c69ef89b-5b03-4748-8d0c-8d943c98e3fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-24)", "content": "", "creation_timestamp": "2025-06-24T00:00:00.000000Z"}, {"uuid": "e280077d-1c86-4b5a-a269-000b01521f7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://thehackernews.com/2025/04/ottokit-wordpress-plugin-admin-creation.html", "content": "", "creation_timestamp": "2025-04-11T02:58:00.000000Z"}, {"uuid": "ef316551-ccd6-4375-bcbc-f8a4e7d09ec0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-3a61bc9d-5f52594206041dc5", "content": "", "creation_timestamp": "2025-04-11T07:41:52.414866Z"}, {"uuid": "b0a0209a-953b-4c07-af8a-8f41ee26d60b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lmjpkbniqe2n", "content": "", "creation_timestamp": "2025-04-11T09:32:13.454565Z"}, {"uuid": "54a31c2c-fa3f-4934-b9b1-c344f38c0bce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/114318993583529498", "content": "", "creation_timestamp": "2025-04-11T11:03:30.420082Z"}, {"uuid": "d658724f-93de-4f4a-8a95-320fcf39c0b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31023", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114309734798480919", "content": "", "creation_timestamp": "2025-04-09T19:48:51.733570Z"}, {"uuid": "81656b7d-5cb5-4fd2-a9dd-31814938796f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lmjzbcz77562", "content": "", "creation_timestamp": "2025-04-11T12:26:14.375747Z"}, {"uuid": "28a0c7f9-46f7-4912-a2f1-ebf4ad3e6c2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/empist.bsky.social/post/3lmkjekjnjs2x", "content": "", "creation_timestamp": "2025-04-11T17:14:19.679202Z"}, {"uuid": "e2db8e31-e512-4f88-ab85-60508707167a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lmkkosefsk2y", "content": "", "creation_timestamp": "2025-04-11T17:37:56.918314Z"}, {"uuid": "fffe4c05-ec7c-4927-86bd-a37f36ca8e15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "dc525914-0bee-4c92-8877-09e4a028665e", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "https://patchstack.com/articles/critical-suretriggers-plugin-vulnerability-exploited-within-4-hours/", "content": "", "creation_timestamp": "2025-04-13T13:11:43.492313Z"}, {"uuid": "5ce40336-7157-46b3-bb86-181872e450bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmkw4cvm372t", "content": "", "creation_timestamp": "2025-04-11T21:02:28.785131Z"}, {"uuid": "9df6fb29-125c-4c41-91cb-c5a4e5c16681", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3lmm66wecnc2z", "content": "", "creation_timestamp": "2025-04-12T08:59:38.168065Z"}, {"uuid": "e494a052-2d1c-4c47-a051-9fca95aa03a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lmpnxosnxk2x", "content": "", "creation_timestamp": "2025-04-13T18:19:53.000000Z"}, {"uuid": "42debc23-9e21-476d-ac36-8fac2bd73439", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "https://mstdn.ca/users/rfwaveio/statuses/114327848545432109", "content": "", "creation_timestamp": "2025-04-13T00:35:28.000000Z"}, {"uuid": "8f980885-5433-4969-8800-8e35bfbbd995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/calebpr.bsky.social/post/3lmqu3os7dq2o", "content": "", "creation_timestamp": "2025-04-14T05:42:10.378711Z"}, {"uuid": "ce4f2fe8-cdc6-42d4-b411-90c44ed67dd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lmr3hf6yck62", "content": "", "creation_timestamp": "2025-04-14T07:54:02.053290Z"}, {"uuid": "d85ef7e8-f46e-4eb3-8afa-b9303ac85c83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lmty7iug4og2", "content": "", "creation_timestamp": "2025-04-15T11:34:29.204662Z"}, {"uuid": "a4a30096-c635-4b0c-abfb-fa33dec9e29b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lmmwt3mxyr2r", "content": "", "creation_timestamp": "2025-04-12T16:20:23.730306Z"}, {"uuid": "99c89ee4-48c2-4d82-a081-382815840b52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lmtqb5ybwag2", "content": "", "creation_timestamp": "2025-04-15T09:11:57.546360Z"}, {"uuid": "282de970-3f30-41c3-a5b0-e56c3503a178", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lmuognnw73x2", "content": "", "creation_timestamp": "2025-04-15T18:32:23.619794Z"}, {"uuid": "5b69fc84-08c8-4c2e-b52e-ab82ca36567e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31021", "type": "seen", "source": "https://bsky.app/profile/infosecsherpa.bsky.social/post/3lmxqekakxc2e", "content": "", "creation_timestamp": "2025-04-16T23:24:10.340207Z"}, {"uuid": "d4c42596-bfb3-42f4-9486-c6072a8df47a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-3102.yaml", "content": "", "creation_timestamp": "2025-05-26T10:35:25.000000Z"}, {"uuid": "eec7155c-cedb-4960-8e40-ca2824067021", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lom5hfmr4l23", "content": "", "creation_timestamp": "2025-05-07T19:36:50.550187Z"}, {"uuid": "102d0a35-75da-4e8d-a0c9-81a8ef859090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lmw7qiueis32", "content": "", "creation_timestamp": "2025-04-16T08:54:07.533662Z"}, {"uuid": "edda1747-40b8-4e90-bb99-3f1455415133", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31027", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpknavuya6l2", "content": "", "creation_timestamp": "2025-05-19T22:39:28.425049Z"}, {"uuid": "8e45d229-b43d-4a83-ae4e-60bd74b9c85c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lq6lkkzoei24", "content": "", "creation_timestamp": "2025-05-27T21:02:17.811636Z"}, {"uuid": "39ea5f5a-1dfe-49a4-83c1-e9a321f54a33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-09-10T07:00:38.000000Z"}, {"uuid": "48e86ffb-6ad8-48dc-a184-c23bdaa5393c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lp5vioqbrh2n", "content": "", "creation_timestamp": "2025-05-14T21:02:27.520351Z"}, {"uuid": "f153b0f4-8770-4200-803f-e8dc3592d2a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "2b638788-b869-40c7-b98a-ebbe72646691", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-15)", "content": "", "creation_timestamp": "2026-02-15T00:00:00.000000Z"}, {"uuid": "71d2e774-9802-4c97-b143-a331fb8dc027", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvjlbuzaqn2n", "content": "", "creation_timestamp": "2025-08-03T21:02:39.908221Z"}, {"uuid": "56574b9f-e20e-41e2-af76-02a33a077f46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "MISP/a1f4de80-fff0-4971-8020-da8f70ab57ea", "content": "", "creation_timestamp": "2025-08-09T17:25:37.000000Z"}, {"uuid": "a93459a8-4371-4f44-ab11-21cd8c3f80af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wp_suretriggers_auth_bypass.rb", "content": "", "creation_timestamp": "2025-05-13T16:01:34.000000Z"}, {"uuid": "ea47df89-6c66-4f6e-a9f5-f9f9a37d24af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-31022", "type": "seen", "source": "https://vulnerability.circl.lu/comment/aaaf84c7-8007-4de5-b99f-ae9a91d6e26d", "content": "", "creation_timestamp": "2025-06-11T12:34:29.562531Z"}, {"uuid": "5eefd831-0d7b-4bf9-ad68-a222ef0b87ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31024", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9843", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31024\n\ud83d\udd25 CVSS Score: 8.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in randyjensen RJ Quickcharts allows SQL Injection. This issue affects RJ Quickcharts: from n/a through 0.6.1.\n\ud83d\udccf Published: 2025-04-01T05:32:24.749Z\n\ud83d\udccf Modified: 2025-04-01T05:32:24.749Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/rj-quickcharts/vulnerability/wordpress-rj-quickcharts-plugin-0-6-1-sql-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-01T06:31:49.000000Z"}, {"uuid": "84328bc6-37d4-4390-b44c-22b4f1266cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "Telegram/t2mOu0CqYZ5qLLxESiGoH_sUvRUlHAHlqkD_UKh-Uep6sL0", "content": "", "creation_timestamp": "2025-06-07T03:00:07.000000Z"}, {"uuid": "832a3a40-cf8e-40a1-b12d-87e074c8a6a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "Telegram/ZZSMGR1oNbSq10JiyVgjm46BE0NUVhN8HJco1HY--mJtk-o", "content": "", "creation_timestamp": "2025-06-04T03:00:07.000000Z"}, {"uuid": "9d29e581-31e1-4827-8109-a4f7d9713f97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "https://t.me/rHz0d/16", "content": "\ud83d\udd10 HOW to DEFACE using CVE-2025-3102\n\nhttps://youtu.be/zCqgVjbIQuc\n\nenjoy, questions @rHz0day", "creation_timestamp": "2025-04-16T17:11:00.000000Z"}, {"uuid": "0cfc7b12-804d-4b91-8c92-d0cfbe575257", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://t.me/rHz0d/15", "content": "deface tutorial with CVE-2025-3102 on yt tonight", "creation_timestamp": "2025-04-16T16:58:18.000000Z"}, {"uuid": "5174f57f-419a-488b-83cc-bbb8cdccb837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "https://t.me/rHz0d/7", "content": "\ud83d\udd10 CVE-2025-3102 \u2013 Authentication Bypass in SureTriggers WordPress Plugin\n\n\ud83d\udea8 CVE-2025-3102 is a critical authentication bypass vulnerability affecting the SureTriggers: All-in-One Automation Platform WordPress plugin, which is actively installed on over 100,000 websites. Due to the nature of the flaw and the scale of deployment, this vulnerability poses a significant security risk.\n\nDork : intitle:\"SureTriggers\" inurl:\"/wp-content/plugins/suretriggers\"\n\nhttps://github.com/rhz0d/CVE-2025-3102/\n\nenjoy", "creation_timestamp": "2025-05-21T15:02:26.000000Z"}, {"uuid": "37e3ebe0-9bb9-4b45-a303-c8244a7c8289", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11192", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3102\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secret_key' value in the 'autheticate_user' function in all versions up to, and including, 1.0.78. This makes it possible for unauthenticated attackers to create administrator accounts on the target website when the plugin is installed and activated but not configured with an API key.\n\ud83d\udccf Published: 2025-04-10T04:22:05.560Z\n\ud83d\udccf Modified: 2025-04-10T04:22:05.560Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/ec017311-f150-4a14-a4b4-b5634f574e2b?source=cve\n2. https://plugins.trac.wordpress.org/browser/suretriggers/trunk/src/Controllers/RestController.php#L59\n3. https://plugins.trac.wordpress.org/changeset?sfp_email=&amp;sfph_mail=&amp;reponame=&amp;new=3266499%40suretriggers%2Ftrunk&amp;old=3264905%40suretriggers%2Ftrunk&amp;sfp_email=&amp;sfph_mail=", "creation_timestamp": "2025-04-10T04:49:04.000000Z"}, {"uuid": "149ed75a-c30e-4fde-be0f-fc06d0cbfefb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31020", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11117", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31020\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webliberty Simple Spoiler allows Stored XSS. This issue affects Simple Spoiler: from n/a through 1.4.\n\ud83d\udccf Published: 2025-04-09T16:10:16.303Z\n\ud83d\udccf Modified: 2025-04-09T16:10:16.303Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/simple-spoiler/vulnerability/wordpress-simple-spoiler-1-4-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-09T16:48:49.000000Z"}, {"uuid": "a5c7b08e-6a40-4578-9983-ffa34c97222f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31026", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11119", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31026\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Austin Comment Validation Reloaded allows Stored XSS. This issue affects Comment Validation Reloaded: from n/a through 0.5.\n\ud83d\udccf Published: 2025-04-09T16:10:15.005Z\n\ud83d\udccf Modified: 2025-04-09T16:10:15.005Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/comment-validation-reloaded/vulnerability/wordpress-comment-validation-reloaded-plugin-0-5-csrf-to-stored-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-09T16:48:52.000000Z"}, {"uuid": "7fd06118-f9db-4ddc-80cb-5ab01145af6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31023", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11118", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31023\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Purab Seo Meta Tags allows Cross Site Request Forgery. This issue affects Seo Meta Tags: from n/a through 1.4.\n\ud83d\udccf Published: 2025-04-09T16:10:15.706Z\n\ud83d\udccf Modified: 2025-04-09T16:10:15.706Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/seo-meta-tags/vulnerability/wordpress-seo-meta-tags-plugin-1-4-csrf-to-privilege-escalation-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-09T16:48:51.000000Z"}, {"uuid": "8cd59aa3-66a0-4729-9338-3b645a19f7d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/39389", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1a\ud83d\udd10 CVE-2025-3102 \u2013 Authentication Bypass in SureTriggers WordPress Plugin\nURL\uff1ahttps://github.com/B1ack4sh/CVE-2025-3102\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-05T18:35:35.000000Z"}, {"uuid": "228646c5-8ef6-432c-bc09-784df3f5c19a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31027", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16932", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31027\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jocoxdesign Tiger tiger allows Reflected XSS.This issue affects Tiger: from n/a through 2.0.\n\ud83d\udccf Published: 2025-05-19T19:59:43.260Z\n\ud83d\udccf Modified: 2025-05-19T19:59:43.260Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/tiger/vulnerability/wordpress-tiger-theme-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-19T20:39:28.000000Z"}, {"uuid": "76045fce-9ecd-41fe-974d-a7c56ccefcbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/39519", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aThe SureTriggers WordPress plugin contains a critical authentication bypass vulnerability (CVE-2025-3102) that affects all versions up to and including 1.0.78.\nURL\uff1ahttps://github.com/baribut/CVE-2025-3102\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-06T20:33:23.000000Z"}, {"uuid": "1ba11026-fd6b-4e93-90f9-10e1d3b2b5b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/32687", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aEXPLOIT CVE-2025-3102 \nURL\uff1ahttps://github.com/itsismarcos/vanda-CVE-2025-3102\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-18T11:27:59.000000Z"}, {"uuid": "d6b2671a-f0af-4217-8e07-33d65007e1f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "https://t.me/itsec_news/5771", "content": "\u200b\u26a1\ufe0f\u041e\u0431\u043d\u043e\u0432\u0438\u0442\u0435 OttoKit \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e: \u0445\u0430\u043a\u0435\u0440\u044b \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b\u0438 WordPress \u0443\u0436\u0435 \u0447\u0435\u0440\u0435\u0437 4 \u0447\u0430\u0441\u0430 \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 CVE\n\n\ud83d\udcac \u0425\u0430\u043a\u0435\u0440\u044b \u043d\u0430\u0447\u0430\u043b\u0438 \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0435 OttoKit (\u0440\u0430\u043d\u0435\u0435 SureTriggers ) \u0434\u043b\u044f WordPress \u0432\u0441\u0435\u0433\u043e \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0447\u0430\u0441\u043e\u0432 \u043f\u043e\u0441\u043b\u0435 \u0435\u0451 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0430\u0439\u0442\u043e\u043c.\n\nOttoKit \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0431\u0435\u0437 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043d\u0430 \u0441\u0430\u0439\u0442\u0435 WordPress: \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u044b \u0438 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a WooCommerce, Mailchimp \u0438 Google Sheets, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u0438\u0441\u044c\u043c\u0430, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c CRM-\u0441\u0438\u0441\u0442\u0435\u043c\u044b. \u041f\u043e \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0435, \u043f\u043b\u0430\u0433\u0438\u043d \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 100 \u0442\u044b\u0441\u044f\u0447\u0430\u0445 \u0441\u0430\u0439\u0442\u043e\u0432.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2025-3102 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 OttoKit \u0438 SureTriggers \u0434\u043e 1.0.78 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e. \u0415\u0451 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Wordfence, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0438\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043f\u043e\u0434 \u043f\u0441\u0435\u0432\u0434\u043e\u043d\u0438\u043c\u043e\u043c mikemyers. \u0417\u0430 \u043d\u0430\u0445\u043e\u0434\u043a\u0443 \u043e\u043d \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u0435 \u0432 \u0440\u0430\u0437\u043c\u0435\u0440\u0435 1024 \u0434\u043e\u043b\u043b\u0430\u0440\u0430. \u0412\u0435\u043d\u0434\u043e\u0440 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043e\u0442\u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043b \u2014 \u0443\u0436\u0435 3 \u0430\u043f\u0440\u0435\u043b\u044f \u0431\u044b\u043b \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u043e\u0431\u043d\u043e\u0432\u043b\u0451\u043d\u043d\u044b\u0439 \u0440\u0435\u043b\u0438\u0437 \u043f\u043e\u0434 \u043d\u043e\u043c\u0435\u0440\u043e\u043c 1.0.79 \u0441 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u043b\u0430\u0441\u044c \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 authenticate_user(), \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0435\u0439 \u0437\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u0440\u0430\u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0447\u0435\u0440\u0435\u0437 REST API. \u041f\u0440\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 API-\u043a\u043b\u044e\u0447\u0430 \u043f\u043b\u0430\u0433\u0438\u043d \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u0435\u0442 \u043f\u0443\u0441\u0442\u043e\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 secret_key, \u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0439 \u043d\u0430 \u043f\u0443\u0441\u0442\u043e\u0442\u0443 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u043a\u043e\u0434\u0435 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u043c \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a st_authorization \u0441 \u043f\u0443\u0441\u0442\u044b\u043c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435\u043c \u0438 \u043f\u0440\u043e\u0439\u0442\u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044e.\n\n\u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u044b\u043c API-\u044d\u043d\u0434\u043f\u043e\u0438\u043d\u0442\u0430\u043c, \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0441\u0430\u0439\u0442. \u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, \u0442\u0430\u043a\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043b\u0435\u0433\u043a\u043e \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u0443\u044e\u0442\u0441\u044f. \u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Patchstack, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0431\u0430\u0433 \u0432\u0441\u0435\u0433\u043e \u0447\u0435\u0440\u0435\u0437 \u0447\u0435\u0442\u044b\u0440\u0435 \u0447\u0430\u0441\u0430 \u043f\u043e\u0441\u043b\u0435 \u0435\u0433\u043e \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0438 \u0441\u043e\u043f\u0440\u043e\u0432\u043e\u0436\u0434\u0430\u044e\u0442\u0441\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435\u043c \u043d\u043e\u0432\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0441\u043a\u0438\u0445 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u043e\u0432 \u0441\u043e \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u043c\u0438 \u043b\u043e\u0433\u0438\u043d\u0430\u043c\u0438, \u043f\u0430\u0440\u043e\u043b\u044f\u043c\u0438 \u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u043c\u0438 \u0430\u0434\u0440\u0435\u0441\u0430\u043c\u0438. \u042d\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440 \u0430\u0442\u0430\u043a, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 \u0438\u043b\u0438 \u0431\u043e\u0442\u043e\u0432.\n\n\u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0430 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1.0.79. \u0422\u0430\u043a\u0436\u0435 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u043b\u043e\u0433\u0438 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043f\u043e\u0434\u043e\u0437\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439: \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u043e\u0432, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0442\u0435\u043c \u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432, \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043b\u0438 \u0441\u043e\u0431\u044b\u0442\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u042d\u0442\u0430 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u043e \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u043d\u0430\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0430\u0436\u043d\u043e \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0414\u0430\u0436\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0447\u0430\u0441\u043e\u0432 \u0437\u0430\u0434\u0435\u0440\u0436\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u043a\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-04-11T07:56:23.000000Z"}, {"uuid": "25787223-a050-4c09-9892-447226e0db59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/31251", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aEXPLOIT CVE-2025-3102 \nURL\uff1ahttps://github.com/xxmarcosrobertoxx/vanda-CVE-2025-3102\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-12T04:26:10.000000Z"}, {"uuid": "24102f21-7577-457f-9aac-db2e5a6af0d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31024", "type": "seen", "source": "https://t.me/cvedetector/21726", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-31024 - RJ Quickcharts SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2025-31024 \nPublished : April 1, 2025, 6:15 a.m. | 1\u00a0hour, 5\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in randyjensen RJ Quickcharts allows SQL Injection. This issue affects RJ Quickcharts: from n/a through 0.6.1. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T09:26:44.000000Z"}, {"uuid": "67f89680-2bad-47d1-8382-cf4fff987f92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "Telegram/S3luyvJ2R7xCTSLpSlkUyEdAxTgE_nQEIWaJA9giiuBhhRI", "content": "", "creation_timestamp": "2025-06-03T15:00:07.000000Z"}, {"uuid": "9bf6e0dd-d331-4a53-b219-31a494b1710a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "Telegram/BL_e4Pn2XWXBMx9wZEPrIGi745f5BxsRycAwQ7vbPIRX9mY", "content": "", "creation_timestamp": "2025-06-05T21:00:06.000000Z"}, {"uuid": "8283af24-f247-4ee5-ac65-9a57a42211cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "https://t.me/cvedetector/22623", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3102 - WordPress SureTriggers Plugin Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3102 \nPublished : April 10, 2025, 5:15 a.m. | 1\u00a0hour, 43\u00a0minutes ago \nDescription : The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secret_key' value in the 'autheticate_user' function in all versions up to, and including, 1.0.78. This makes it possible for unauthenticated attackers to create administrator accounts on the target website when the plugin is installed and activated but not configured with an API key. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T09:30:20.000000Z"}, {"uuid": "bde6163b-fbe7-4f26-86c8-58f0a2b47f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "https://t.me/ton618cyber/8824", "content": "OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation\n\nA critical OttoKit plugin flaw CVE-2025-3102 exploited within hours lets attackers create admin accounts unchecked.\n\nThe Hacker News | thehackernews.com \u2022 Apr 11, 2025", "creation_timestamp": "2025-04-11T15:32:18.000000Z"}, {"uuid": "7cac3ae0-81f2-4039-92a7-cb1af3048f20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "https://t.me/ton618cyber/3522", "content": "OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation\n\nA critical OttoKit plugin flaw CVE-2025-3102 exploited within hours lets attackers create admin accounts unchecked.\n\nThe Hacker News | thehackernews.com \u2022 Apr 11, 2025", "creation_timestamp": "2025-04-11T15:32:18.000000Z"}, {"uuid": "6ea49b33-9401-49cb-9a74-4f51825d8389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "Telegram/hLS-BbIPUB3i27D5KHxBUQyxrR1zGhnGwzCb4We66ityBOg", "content": "", "creation_timestamp": "2025-04-21T09:00:07.000000Z"}, {"uuid": "cee1f62a-5b49-4a31-a1c7-5b1bdb5555ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "https://t.me/CyberBulletin/3013", "content": "\u26a1\ufe0fA critical OttoKit plugin flaw (CVE-2025-3102) is under active attack: 100K+ WordPress sites at risk.\n\nHackers can create admin accounts and fully take over vulnerable sites.\n\n#CyberBulletin", "creation_timestamp": "2025-04-12T02:02:46.000000Z"}, {"uuid": "b04e4de8-369e-4f7b-b4d3-a5785e6ef4d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "Telegram/sOZt0PFvhp9ej4rUu2aQfp70VUbZXlJrSYK0gWlZFSsUGQ", "content": "", "creation_timestamp": "2025-04-11T07:39:03.000000Z"}, {"uuid": "2d74c48f-dd91-4d88-857a-5d6c5b8c5f6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "Telegram/mIQYUSqdZG0qC4ccPPwRpa360xwamTmZCIxoO7vEILe4Sa0", "content": "", "creation_timestamp": "2025-04-15T05:00:10.000000Z"}, {"uuid": "1f97f6ce-6964-43b8-ae0d-c0e7fdf2f629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "Telegram/YHR5LDl8bCoziN9wxHaTi6ArVs3jBR0B5N7TdotJGSgguKs", "content": "", "creation_timestamp": "2025-04-12T11:00:06.000000Z"}, {"uuid": "3afddb0e-bc5e-4423-bde9-06ac2a89243f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "Telegram/3Hw0ti8HK8QOqtOY2rsuqDdNwUtzE1sTstZVcrt4AbtXgI8", "content": "", "creation_timestamp": "2025-04-14T23:00:06.000000Z"}, {"uuid": "758067e3-ea81-4a3e-862c-1e3bafc94c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "Telegram/URqOiJy6jj4g4EvmcBVRx9BvwVfWdwMKgkptgqRz_hsO8qo", "content": "", "creation_timestamp": "2025-04-12T17:00:11.000000Z"}, {"uuid": "feaee3c5-2597-4b2b-8175-7ae5fbe7d23b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "Telegram/UlWNd2CR3jGZxvVFGVDjJz1c1thleXP8-jCnAfYOo8Kc_pA", "content": "", "creation_timestamp": "2025-04-16T19:10:44.000000Z"}, {"uuid": "40660607-1538-4698-a037-a20f55c963ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "published-proof-of-concept", "source": "Telegram/K3G4aWQS7qLc_jUTWSo5csV7XU_qHMkvkvRj66ErRg9g6U4", "content": "", "creation_timestamp": "2025-04-14T17:00:07.000000Z"}, {"uuid": "7637c304-1ea2-41d6-8fb1-b17e6f354ac1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "seen", "source": "Telegram/TrTtZDlxpbFpk8M-zmc8aWcsEx5X5eIera1FkEN864Om4qg", "content": "", "creation_timestamp": "2025-04-10T07:30:19.000000Z"}, {"uuid": "a9bdf2e6-27c4-4e7b-8c51-802ee8178171", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "https://t.me/true_secator/6936", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Wordfence \u0432 \u0441\u0432\u043e\u0435\u043c \u043e\u0442\u0447\u0435\u0442\u0435 \u043a\u043e\u043d\u0441\u0442\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u0443\u044e \u0442\u0435\u043d\u0434\u0435\u043d\u0446\u0438\u044e \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c WordPress.\n\n\u0412\u0441\u0435\u0433\u043e \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 8000 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 WP, \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u0438 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e 5 \u0438\u0437 8000 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0438 \u044f\u0434\u0440\u043e WordPress, \u0447\u0442\u043e \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442, \u043d\u0430\u0441\u043a\u043e\u043b\u044c\u043a\u043e CMS \u043f\u0440\u043e\u0434\u0432\u0438\u043d\u0443\u043b\u0430\u0441\u044c \u0432 \u043f\u043b\u0430\u043d\u0435 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0431\u043e\u043b\u0435\u0435 96% \u0432\u0441\u0435\u0445 \u044d\u0442\u0438\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u043f\u043b\u0430\u0433\u0438\u043d\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0435\u0439\u0447\u0430\u0441 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u043d\u043e\u043c\u0435\u0440 \u043e\u0434\u0438\u043d \u0434\u043b\u044f \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u0441\u0430\u0439\u0442\u043e\u0432 WordPress.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u044f\u0440\u043a\u0438\u0439 \u043f\u0440\u0438\u043c\u0435\u0440 - OttoKit (\u0440\u0430\u043d\u0435\u0435 SureTriggers) \u0434\u043b\u044f WordPress, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0435, \u0430\u043a\u0442\u0438\u0432\u0435\u043d \u043d\u0430 100 000 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432.\n\nOttoKit WordPress\u00a0\u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u043f\u043b\u0430\u0433\u0438\u043d\u044b \u0438 \u0432\u043d\u0435\u0448\u043d\u0438\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a WooCommerce, Mailchimp \u0438 Google Sheets, \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0442\u0430\u043a\u0438\u0435 \u0437\u0430\u0434\u0430\u0447\u0438, \u043a\u0430\u043a \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0430 \u043f\u0438\u0441\u0435\u043c \u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 CRM \u0431\u0435\u0437 \u043a\u043e\u0434\u0430.\n\nWordfence \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0442\u0447\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f mikemyers \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u043c\u0430\u0440\u0442\u0430.\n\n3 \u0430\u043f\u0440\u0435\u043b\u044f \u0443\u0448\u043b\u043e \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0443 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 \u0441 \u043f\u043e\u043b\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0438 \u0432 \u0442\u043e\u0442 \u0436\u0435 \u0434\u0435\u043d\u044c \u0432\u044b\u0448\u043b\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 1.0.79.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u0443\u0441\u0442\u043e\u0433\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 authenticate_user(), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e REST API. \n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430, \u0435\u0441\u043b\u0438 \u043f\u043b\u0430\u0433\u0438\u043d \u043d\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043a\u043b\u044e\u0447\u0430 API, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0442\u043e\u043c\u0443, \u0447\u0442\u043e \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0439 secret_key \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043f\u0443\u0441\u0442\u044b\u043c.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u0438\u043c, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u043f\u0443\u0441\u0442\u043e\u0439 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a st_authorization, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u043e\u0439\u0442\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u043c \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c API.\n\n\u041f\u043e \u0441\u0443\u0442\u0438, CVE-2025-3102 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0447\u0442\u043e \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0440\u0438\u0441\u043a \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0441\u0430\u0439\u0442\u0430.\n\n9 \u0430\u043f\u0440\u0435\u043b\u044f Wordfence \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 OttoKit, \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043a\u0430\u043a CVE-2025-3102, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e 1.0.78.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0441\u044c \u0437\u0430\u0434\u0435\u0440\u0436\u043a\u043e\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u043b\u0430\u0433\u0438\u043d\u0430.\n\n\u041f\u0435\u0440\u0432\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0431\u044b\u043b\u0438 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u0432\u043e\u0430\u043d\u044b \u0432\u0441\u0435\u0433\u043e \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0447\u0430\u0441\u043e\u0432 \u043f\u043e\u0441\u043b\u0435 \u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u044b\u0442\u0430\u044e\u0442\u0441\u044f \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u0443\u044e \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u044e \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f/\u043f\u0430\u0440\u043e\u043b\u044f \u0438 \u0430\u0434\u0440\u0435\u0441\u0430 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b, \u0447\u0442\u043e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u043c \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0437\u0430\u0434\u0430\u0447.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 OttoKit/SureTriggers - 1.0.79 \u0438 \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u044f\u0446\u0438\u0438 \u0441 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0437\u0430\u043f\u0438\u0441\u044f\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u043e\u0432/\u0442\u0435\u043c, \u0441\u043e\u0431\u044b\u0442\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0431\u0430\u0437\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.", "creation_timestamp": "2025-04-11T12:12:32.000000Z"}, {"uuid": "200cf4aa-89ce-44a8-b136-4baa984d78cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "https://t.me/true_secator/7019", "content": "\u041a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043f\u0435\u0440\u0435\u043a\u043b\u044e\u0447\u0438\u043b\u043e\u0441\u044c \u043d\u0430 \u0432\u0442\u043e\u0440\u0443\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 OttoKit \u0434\u043b\u044f WordPress \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0441\u0430\u0439\u0442\u043e\u0432 WordPress.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Defiant \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u0442\u043e\u0440\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 OttoKit, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u0430 \u043c\u0435\u043d\u0435\u0435 \u0447\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u043c\u0435\u0441\u044f\u0446 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0431\u044b\u043b\u0438 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b \u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432.\n\n\u041f\u043b\u0430\u0433\u0438\u043d OttoKit: All-in-One Automation Platform (\u0440\u0430\u043d\u0435\u0435 SureTriggers), \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u0431\u043e\u043b\u0435\u0435 100 000 \u0440\u0430\u0437, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0441\u0430\u0439\u0442\u043e\u0432 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0437\u0430\u0434\u0430\u0447, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0438\u043c \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u044b \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u043b\u0430\u0433\u0438\u043d\u044b.\n\n\u0412 \u043d\u0430\u0447\u0430\u043b\u0435 \u0430\u043f\u0440\u0435\u043b\u044f \u0431\u044b\u043b\u0430 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-3102\u00a0- \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u043b\u0430 \u043d\u043e\u0432\u044b\u0435 \u0438 \u043d\u0435\u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 OttoKit, - \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0438 \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432.\n\n\u041d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 Defiant \u043e\u0431\u0440\u0430\u0449\u0430\u0435\u0442 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u0430\u0442\u0430\u043a\u0438, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0430 \u043d\u043e\u0432\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435, CVE-2025-27007 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 9,8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c\u0441\u044f \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u0441\u0430\u0439\u0442\u0430\u043c.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 create_wp_connection(), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430 \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0434\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e, \u0447\u0442\u043e\u0431\u044b \u0441\u0430\u0439\u0442 \u043d\u0438\u043a\u043e\u0433\u0434\u0430 \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u043b \u0438 \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u043f\u0430\u0440\u043e\u043b\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0430 OttoKit/SureTriggers \u043d\u0438\u043a\u043e\u0433\u0434\u0430 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u043b\u0441\u044f \u043a \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u0443 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0430\u0440\u043e\u043b\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f.\n\n\u0412 \u044d\u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441\u043c\u043e\u0436\u0435\u0442 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0434\u0430\u0436\u0435 \u043d\u0435 \u0437\u043d\u0430\u044f \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043f\u0430\u0440\u043e\u043b\u044c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0441\u0430\u0439\u0442\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u043b\u0438\u0441\u044c \u043a \u043f\u043b\u0430\u0433\u0438\u043d\u0443 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0430\u0440\u043e\u043b\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u043d\u0435 \u0434\u043e\u043b\u0436\u043d\u044b \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439.", "creation_timestamp": "2025-05-07T19:00:09.000000Z"}, {"uuid": "62dda3c3-56ed-4c25-8415-e194084c3636", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3102", "type": "exploited", "source": "https://t.me/thehackernews/6649", "content": "ALERT \u2014 A critical OttoKit plugin flaw (CVE-2025-3102) is under active attack: 100K+ WordPress sites at risk.\n\nHackers can create admin accounts and fully take over vulnerable sites.\n\nCheck admin users \u2192 Remove any suspicious accounts.\n\n\ud83d\udc49 Full details: https://thehackernews.com/2025/04/ottokit-wordpress-plugin-admin-creation.html\n\nIf you use OttoKit, update to v1.0.79 NOW.", "creation_timestamp": "2025-04-11T07:19:21.000000Z"}]}