{"vulnerability": "cve-2025-1517", "sightings": [{"uuid": "dd1e905a-fc03-44df-9117-4d5e3b856897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15179", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb4k2sk7r22y", "content": "", "creation_timestamp": "2025-12-29T09:38:31.657425Z"}, {"uuid": "9cb2121f-ad4a-4824-8ad7-5291549710da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15177", "type": "published-proof-of-concept", "source": "Telegram/C8kpFgm-gE9qBqq_vI9uwUOw1teSIRFTW9_tGA9d1b6SgGE", "content": "", "creation_timestamp": "2025-12-29T19:00:09.000000Z"}, {"uuid": "1a0faa42-1b85-41c3-a64c-a699f776477c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15170", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb3yxpnnp22r", "content": "", "creation_timestamp": "2025-12-29T04:32:34.336832Z"}, {"uuid": "020cf61f-5567-446d-b820-fc113b675b56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15178", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mb4ds2iskw2p", "content": "", "creation_timestamp": "2025-12-29T07:46:15.636148Z"}, {"uuid": "0545b646-7ab1-4548-9c23-b6a62e5fef9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15178", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb4foboscc2q", "content": "", "creation_timestamp": "2025-12-29T08:19:56.443497Z"}, {"uuid": "6b7a3f8c-44c8-4e6e-8c50-8fc4e0be376e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15176", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb4fxni3cl22", "content": "", "creation_timestamp": "2025-12-29T08:25:10.715650Z"}, {"uuid": "545f4d69-3b69-44ea-b6f2-716408a1b5c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15171", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb4g4zhmj32x", "content": "", "creation_timestamp": "2025-12-29T08:28:11.143162Z"}, {"uuid": "0c2f4e08-5bcc-445e-9433-4d18dedbb9c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15173", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb4gjphc5d2y", "content": "", "creation_timestamp": "2025-12-29T08:35:16.828709Z"}, {"uuid": "d8a6c728-f04b-464b-8b69-60c784f1d577", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15172", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb4greyg7w2y", "content": "", "creation_timestamp": "2025-12-29T08:39:34.351579Z"}, {"uuid": "61ddcbe6-298c-4007-b1fb-5b659d8dd0dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15177", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb4h2dg6dg2x", "content": "", "creation_timestamp": "2025-12-29T08:44:34.472585Z"}, {"uuid": "9cbc81ae-b868-4cea-a9ed-f8738dc26b99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15175", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb4hdbtihz2q", "content": "", "creation_timestamp": "2025-12-29T08:49:35.076795Z"}, {"uuid": "f8807908-94c6-4caa-84e5-e189059114a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15174", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mb4i654g3y2e", "content": "", "creation_timestamp": "2025-12-29T09:04:35.923026Z"}, {"uuid": "83e134ae-8e2a-4972-ac0a-591e81f57eac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15179", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mb5gkpdinm2x", "content": "", "creation_timestamp": "2025-12-29T18:08:29.889843Z"}, {"uuid": "c0f72096-b981-40aa-bbe4-bca3b80fbe1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-15176", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3mb6cbaietd23", "content": "", "creation_timestamp": "2025-12-30T02:24:17.590270Z"}, {"uuid": "beda7ca6-a50c-450e-9968-995c81a6b7f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1517", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5478", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1517\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Fancy Text, Countdown Widget, and Login Form shortcodes in all versions up to, and including, 3.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-02-26T08:21:56.971Z\n\ud83d\udccf Modified: 2025-02-26T08:21:56.971Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/e699f521-9133-41b0-b667-528da78fec06?source=cve\n2. https://wordpress.org/plugins/sina-extension-for-elementor/#developers\n3. https://plugins.trac.wordpress.org/browser/sina-extension-for-elementor/trunk/widgets/basic/sina-fancytext.php\n4. https://plugins.trac.wordpress.org/browser/sina-extension-for-elementor/trunk/widgets/advanced/sina-countdown.php\n5. https://plugins.trac.wordpress.org/browser/sina-extension-for-elementor/trunk/widgets/advanced/sina-login-form.php\n6. https://github.com/shaonsina/sina-extension-for-elementor/commit/5cb89db08b15a3011800ee0f6ad68c69c5a256d5\n7. https://plugins.trac.wordpress.org/changeset/3246221/", "creation_timestamp": "2025-02-26T08:32:27.000000Z"}]}