{"vulnerability": "CVE-2025-6220", "sightings": [{"uuid": "7002a1da-aea9-44f9-917d-009ecc5fd6ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6220", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrvgrko2qe2q", "content": "", "creation_timestamp": "2025-06-18T16:33:07.456529Z"}, {"uuid": "0521bcb0-5ebe-4ef1-9ecf-0398ba5e090e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62204", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m5f4zqzzgt2b", "content": "", "creation_timestamp": "2025-11-11T21:58:28.872778Z"}, {"uuid": "23049679-cfda-4f6f-b07f-ffe61f1f8596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62207", "type": "seen", "source": "https://gist.github.com/Darkcrai86/143c459f32c57694b978c234ee505ced", "content": "", "creation_timestamp": "2025-11-21T07:42:47.000000Z"}, {"uuid": "e619e209-fd79-44de-9486-3f7865e2cfd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62201", "type": "seen", "source": "https://gist.github.com/Darkcrai86/adeaad814f2de1301470313361dab8f2", "content": "", "creation_timestamp": "2025-11-12T08:09:14.000000Z"}, {"uuid": "5830bb8e-c020-44e9-885b-e3711542fa06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62200", "type": "seen", "source": "https://gist.github.com/Darkcrai86/8861cd53f8b554cdeb48b9975bb98059", "content": "", "creation_timestamp": "2025-11-12T08:08:56.000000Z"}, {"uuid": "9aa7ad30-4f10-4281-b6d4-4229d2db288c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62203", "type": "seen", "source": "https://gist.github.com/Darkcrai86/da549efed152f1d57e1e5253090172fd", "content": "", "creation_timestamp": "2025-11-12T08:09:40.000000Z"}, {"uuid": "ae80d461-1b7d-490a-97b8-479bea137e4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62200", "type": "seen", "source": "https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review", "content": "", "creation_timestamp": "2025-11-11T17:30:42.000000Z"}, {"uuid": "19593005-044d-4e1d-a510-1be54cb41ada", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62202", "type": "seen", "source": "https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review", "content": "", "creation_timestamp": "2025-11-11T17:30:42.000000Z"}, {"uuid": "7e29fc87-d270-4767-b316-1c1a5f3c6371", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62205", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0359", "content": "", "creation_timestamp": "2025-11-11T17:31:27.000000Z"}, {"uuid": "bf96cd14-f136-483d-a1a6-943001bae64b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62209", "type": "seen", "source": "https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review", "content": "", "creation_timestamp": "2025-11-11T17:30:42.000000Z"}, {"uuid": "48d0ce13-f23d-43b2-bfc1-16b6ec282928", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62201", "type": "seen", "source": "https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review", "content": "", "creation_timestamp": "2025-11-11T17:30:42.000000Z"}, {"uuid": "bb3d64d9-fbe8-4d68-9719-3b17f424fa50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62205", "type": "seen", "source": "https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review", "content": "", "creation_timestamp": "2025-11-11T17:30:42.000000Z"}, {"uuid": "81a22095-16da-41ba-915b-77ecc9945b0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62209", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0358", "content": "", "creation_timestamp": "2025-11-11T17:29:38.000000Z"}, {"uuid": "86ace4fa-8b4f-42d7-99ea-7fb52473e318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62203", "type": "seen", "source": "https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review", "content": "", "creation_timestamp": "2025-11-11T17:30:42.000000Z"}, {"uuid": "506ea613-2d6e-4a81-8fb3-b88af802becd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62204", "type": "seen", "source": "https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review", "content": "", "creation_timestamp": "2025-11-11T17:30:42.000000Z"}, {"uuid": "4d613b46-ff7c-44d1-b89f-c6791ae2441a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62207", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/115584444564008370", "content": "", "creation_timestamp": "2025-11-20T22:44:19.509166Z"}, {"uuid": "2ff4b81f-0932-435c-a79d-fa7973a87bbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62207", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m63vvcoqcb2b", "content": "", "creation_timestamp": "2025-11-20T23:21:57.418718Z"}, {"uuid": "bc5dad3e-12ed-4d0a-8003-6ae3d160b98e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62206", "type": "seen", "source": "https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review", "content": "", "creation_timestamp": "2025-11-11T17:30:42.000000Z"}, {"uuid": "c30d70a7-d6c4-440c-a85e-245c3ed89858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62203", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0359", "content": "", "creation_timestamp": "2025-11-11T17:31:27.000000Z"}, {"uuid": "06103e53-7101-49f2-93a6-ea912d1eb98f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62208", "type": "seen", "source": "https://www.thezdi.com/blog/2025/11/11/the-november-2025-security-update-review", "content": "", "creation_timestamp": "2025-11-11T17:30:42.000000Z"}, {"uuid": "7e09aeb3-a627-420e-b83f-e9df2b7f9a3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62204", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0359", "content": "", "creation_timestamp": "2025-11-11T17:31:27.000000Z"}, {"uuid": "d207bac2-5fdf-490c-83e6-d0f58298d5fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62200", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0359", "content": "", "creation_timestamp": "2025-11-11T17:31:27.000000Z"}, {"uuid": "bce0619a-d57e-45c2-9984-f7038fcd00c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62202", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0359", "content": "", "creation_timestamp": "2025-11-11T17:31:27.000000Z"}, {"uuid": "a07652c3-7dc1-4d3a-b104-139d9782cb17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62208", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0358", "content": "", "creation_timestamp": "2025-11-11T17:29:38.000000Z"}, {"uuid": "b1c38fb0-ce0f-444d-98cf-0662cbaea3ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62201", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0359", "content": "", "creation_timestamp": "2025-11-11T17:31:27.000000Z"}, {"uuid": "4ccae2f9-917b-48f2-8a22-ef88150f9294", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6220", "type": "published-proof-of-concept", "source": "Telegram/sG5bEwqwg0wbu2257U_AVP1n6oi1Vbx9RKpot1MOV_JIWfY", "content": "", "creation_timestamp": "2025-06-18T11:00:06.000000Z"}, {"uuid": "93f931f4-313b-4fb2-998a-e7a822e7cb41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62203", "type": "seen", "source": "https://infosec.exchange/users/0patch/statuses/116007305485451454", "content": "", "creation_timestamp": "2026-02-03T15:03:24.881871Z"}, {"uuid": "1652727d-186e-4e6f-83f4-1a9d365d57f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62203", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3mdy75sennf2h", "content": "", "creation_timestamp": "2026-02-03T20:28:17.174661Z"}, {"uuid": "3a0342ec-d315-49d0-a8c1-73b40fca557b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-62203", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mdy2c6qyvj2l", "content": "", "creation_timestamp": "2026-02-03T19:01:16.115776Z"}, {"uuid": "644c8df1-a1b6-4baa-9b37-9e12cece5d11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6220", "type": "published-proof-of-concept", "source": "Telegram/uoYBKiu_Xn51hJnqtAHEC12cmvN8GwunxQwbHVt8gU3sEQo", "content": "", "creation_timestamp": "2025-06-18T03:00:06.000000Z"}, {"uuid": "03352b2f-3576-44f0-a309-ffe4c6d07f6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6220", "type": "published-proof-of-concept", "source": "Telegram/Bp-ws9maq3ZZR7jwO7SlGD7nkZWVF2-cG28oS29Jo94oQsk", "content": "", "creation_timestamp": "2025-06-18T12:30:54.000000Z"}, {"uuid": "bd51a4f9-42cd-4de3-a70d-6e3482126d9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-6220", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18718", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-6220\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'save_options' function in all versions up to, and including, 3.5.12. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.\n\ud83d\udccf Published: 2025-06-18T11:16:31.235Z\n\ud83d\udccf Modified: 2025-06-18T11:16:31.235Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/697f3432-63b7-42d6-b188-812165cd2020?source=cve\n2. https://plugins.trac.wordpress.org/browser/ultimate-addons-for-contact-form-7/trunk/admin/tf-options/classes/UACF7_Settings.php#L894-920\n3. https://plugins.trac.wordpress.org/changeset/3288584/\n4. https://github.com/d0n601/CVE-2025-6220\n5. https://ryankozak.com/posts/cve-2025-6220/", "creation_timestamp": "2025-06-18T11:38:17.000000Z"}]}