{"vulnerability": "CVE-2025-3221", "sightings": [{"uuid": "3bca1fe4-b960-41d8-8eb6-e0a0327cb6fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3221", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114722238828909876", "content": "", "creation_timestamp": "2025-06-21T16:14:03.461376Z"}, {"uuid": "c8a68821-ba9d-40a7-9f8b-8ca4679b7c30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3221", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ls4pbgfcpl23", "content": "", "creation_timestamp": "2025-06-21T13:53:48.178500Z"}, {"uuid": "907d99c2-135c-4e3a-9003-7aeded7f4379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3221", "type": "published-proof-of-concept", "source": "Telegram/CdEjlQS48pmmYiRue1iSIop0mM6ShG3UfxdkOWB5soYPM-I", "content": "", "creation_timestamp": "2025-06-21T13:31:36.000000Z"}, {"uuid": "f725309f-d4fa-49bb-a8f5-f3dc73e168d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32210", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mai45d7hds2i", "content": "", "creation_timestamp": "2025-12-21T06:36:09.766370Z"}, {"uuid": "cd73f18a-7f11-4993-aea9-60b71d78f0de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32214", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11214", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32214\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hive Support Hive Support allows Stored XSS. This issue affects Hive Support: from n/a through 1.2.2.\n\ud83d\udccf Published: 2025-04-10T08:09:45.392Z\n\ud83d\udccf Modified: 2025-04-10T08:09:45.392Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/hive-support/vulnerability/wordpress-hive-support-plugin-1-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-10T08:49:03.000000Z"}, {"uuid": "5050a77e-df5b-4cb6-afec-cee03bebe4b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32216", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11212", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32216\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L)\n\ud83d\udd39 Description: Missing Authorization vulnerability in Spider Themes Spider Elements \u2013 Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Spider Elements \u2013 Addons for Elementor: from n/a through 1.6.2.\n\ud83d\udccf Published: 2025-04-10T08:09:45.727Z\n\ud83d\udccf Modified: 2025-04-10T08:09:45.727Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/spider-elements/vulnerability/wordpress-spider-elements-addons-for-elementor-plugin-1-6-2-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-10T08:48:58.000000Z"}, {"uuid": "c11aa6eb-69c2-4992-b6e4-c1db5df11f39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32215", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11213", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32215\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Unrestricted Upload of File with Dangerous Type vulnerability in Ability, Inc Accessibility Suite by Online ADA allows Stored XSS. This issue affects Accessibility Suite by Online ADA: from n/a through 4.18.\n\ud83d\udccf Published: 2025-04-10T08:09:45.576Z\n\ud83d\udccf Modified: 2025-04-10T08:09:45.576Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/online-accessibility/vulnerability/wordpress-accessibility-suite-plugin-4-17-arbitrary-file-upload-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-10T08:49:02.000000Z"}, {"uuid": "dc0e0b90-38f8-4bda-a4ef-fd26d711bc6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32210", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11217", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32210\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: Missing Authorization vulnerability in CreativeMindsSolutions CM Registration and Invitation Codes allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CM Registration and Invitation Codes: from n/a through 2.5.2.\n\ud83d\udccf Published: 2025-04-10T08:09:44.744Z\n\ud83d\udccf Modified: 2025-04-10T08:09:44.744Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/cm-invitation-codes/vulnerability/wordpress-cm-registration-and-invitation-codes-plugin-2-5-2-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-10T08:49:06.000000Z"}, {"uuid": "b622f9bf-916c-4db0-8b19-2697f2b88ba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32212", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11216", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32212\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: Missing Authorization vulnerability in Specia Theme Specia Companion allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Specia Companion: from n/a through 4.6.\n\ud83d\udccf Published: 2025-04-10T08:09:44.923Z\n\ud83d\udccf Modified: 2025-04-10T08:09:44.923Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/specia-companion/vulnerability/wordpress-specia-companion-plugin-4-5-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-10T08:49:05.000000Z"}, {"uuid": "e5b6ee3e-9ad2-4b52-8873-4ceaeb0a0334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32213", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11215", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32213\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Missing Authorization vulnerability in flothemesplugins Flo Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Flo Forms: from n/a through 1.0.43.\n\ud83d\udccf Published: 2025-04-10T08:09:45.212Z\n\ud83d\udccf Modified: 2025-04-10T08:09:45.212Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/flo-forms/vulnerability/wordpress-flo-forms-plugin-1-0-43-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-10T08:49:04.000000Z"}, {"uuid": "8bf1fa80-d00a-447a-b49e-4147c56695ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32211", "type": "seen", "source": "https://t.me/cvedetector/22473", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32211 - Broadstreet Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-32211 \nPublished : April 8, 2025, 5:15 p.m. | 17\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Broadstreet Broadstreet allows Stored XSS. This issue affects Broadstreet: from n/a through 1.51.2. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T19:51:19.000000Z"}, {"uuid": "4a51aa17-7c8d-4e03-90c5-25e14f47db14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32213", "type": "seen", "source": "https://t.me/cvedetector/22641", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32213 - Flothemesplugins Flo Forms Missing Authorization\", \n  \"Content\": \"CVE ID : CVE-2025-32213 \nPublished : April 10, 2025, 8:15 a.m. | 48\u00a0minutes ago \nDescription : Missing Authorization vulnerability in flothemesplugins Flo Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Flo Forms: from n/a through 1.0.43. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T11:10:54.000000Z"}, {"uuid": "4c4fad11-d1ab-458d-b2bb-85e7430ba848", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32212", "type": "seen", "source": "https://t.me/cvedetector/22640", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32212 - Specia Companion Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32212 \nPublished : April 10, 2025, 8:15 a.m. | 48\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Specia Theme Specia Companion allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Specia Companion: from n/a through 4.6. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T11:10:54.000000Z"}, {"uuid": "a7a67e17-e1cc-48e1-9198-06d5de9fc870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32210", "type": "seen", "source": "https://t.me/cvedetector/22639", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32210 - CreativeMindsSolutions CM Registration and Invitation Codes Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32210 \nPublished : April 10, 2025, 8:15 a.m. | 48\u00a0minutes ago \nDescription : Missing Authorization vulnerability in CreativeMindsSolutions CM Registration and Invitation Codes allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CM Registration and Invitation Codes: from n/a through 2.5.2. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T11:10:53.000000Z"}, {"uuid": "08605125-a98b-4421-a209-b855ad884cd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32215", "type": "seen", "source": "https://t.me/cvedetector/22643", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32215 - Ability, Inc Accessibility Suite Unrestricted File Upload Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32215 \nPublished : April 10, 2025, 8:15 a.m. | 48\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Ability, Inc Accessibility Suite by Online ADA allows Stored XSS. This issue affects Accessibility Suite by Online ADA: from n/a through 4.18. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T11:10:56.000000Z"}, {"uuid": "fdc30ee2-6057-4910-b453-5485932c2479", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-32214", "type": "seen", "source": "https://t.me/cvedetector/22642", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32214 - Hive Support Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-32214 \nPublished : April 10, 2025, 8:15 a.m. | 48\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hive Support Hive Support allows Stored XSS. This issue affects Hive Support: from n/a through 1.2.2. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-10T11:10:55.000000Z"}]}