{"vulnerability": "CVE-2025-4761", "sightings": [{"uuid": "a484692c-4f72-43be-b31d-fc884ba6ea0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4761", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lpboaird4o2j", "content": "", "creation_timestamp": "2025-05-16T09:03:12.068104Z"}, {"uuid": "360ba54e-af01-4ee6-85f1-15743c166785", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47614", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15552", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47614\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Cross-Site Request Forgery (CSRF) vulnerability in Chris Clark LessButtons Social Sharing and Statistics allows Cross Site Request Forgery. This issue affects LessButtons Social Sharing and Statistics: from n/a through 1.6.1.\n\ud83d\udccf Published: 2025-05-07T14:20:30.890Z\n\ud83d\udccf Modified: 2025-05-08T16:14:09.879Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/lessbuttons/vulnerability/wordpress-lessbuttons-social-sharing-and-statistics-plugin-1-6-1-cross-site-request-forgery-csrf-to-settings-change-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-08T16:23:51.000000Z"}, {"uuid": "784796bc-320d-4aa0-ba74-034f01406f4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-47612", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15550", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-47612\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Missing Authorization vulnerability in flowdee ClickWhale allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ClickWhale: from n/a through 2.4.6.\n\ud83d\udccf Published: 2025-05-07T14:20:30.323Z\n\ud83d\udccf Modified: 2025-05-08T16:14:44.030Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/clickwhale/vulnerability/wordpress-clickwhale-2-4-6-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-05-08T16:23:49.000000Z"}, {"uuid": "fc79bb86-a519-480a-966b-bd00d0fb7bfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4761", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16660", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4761\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability has been found in PHPGurukul Complaint Management System 2.0 and classified as critical. This vulnerability affects unknown code of the file /admin/admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-16T08:00:12.352Z\n\ud83d\udccf Modified: 2025-05-16T08:00:12.352Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309064\n2. https://vuldb.com/?ctiid.309064\n3. https://vuldb.com/?submit.571314\n4. https://github.com/bleakTS/myCVE/issues/5\n5. https://phpgurukul.com/", "creation_timestamp": "2025-05-16T08:33:58.000000Z"}]}