{"vulnerability": "cve-2025-2264", "sightings": [{"uuid": "55e8fba9-0682-4737-adfa-7e402e68afde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22641", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedykgqho2i", "content": "", "creation_timestamp": "2025-02-04T15:16:09.043499Z"}, {"uuid": "766ee517-6b05-46cd-a30b-30cee5cf44f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22642", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedymw5zg2h", "content": "", "creation_timestamp": "2025-02-04T15:16:11.665419Z"}, {"uuid": "c6193c45-d071-4a66-b915-0c0a046085a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22643", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedyp4edv2n", "content": "", "creation_timestamp": "2025-02-04T15:16:14.019791Z"}, {"uuid": "0eae84d2-ea4e-4e5b-9b85-eebd3f0ced9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22645", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lii3c75qxi2o", "content": "", "creation_timestamp": "2025-02-18T20:16:19.724950Z"}, {"uuid": "c0dd7f7a-1bb0-4c07-ba83-e7d5764674be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2264", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/pacsserver_traversal.rb", "content": "", "creation_timestamp": "2025-05-06T06:44:10.000000Z"}, {"uuid": "a053c677-4173-442b-b4bb-d487a40ca6a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2264", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-2264.yaml", "content": "", "creation_timestamp": "2025-04-09T10:22:30.000000Z"}, {"uuid": "5e6ae7d4-e5cf-4778-ae53-d19760dadd33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2264", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "9779e826-9bed-4281-a4c0-90956593ea5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2264", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvh2sctjpx2g", "content": "", "creation_timestamp": "2025-08-02T21:02:22.067576Z"}, {"uuid": "6367061f-ec25-4cc6-a57e-9b70b9eed6de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2264", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmkw4ciojd2t", "content": "", "creation_timestamp": "2025-04-11T21:02:26.174947Z"}, {"uuid": "ff343751-ae66-464d-9e17-0da0d90110fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2264", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lojrrabwqj2q", "content": "", "creation_timestamp": "2025-05-06T21:02:18.721854Z"}, {"uuid": "86bc943b-c15e-4626-a536-a3e0c116f2fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2264", "type": "seen", "source": "https://t.me/cvedetector/20236", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2264 - Sante PACS Server Path Traversal Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-2264 \nPublished : March 13, 2025, 5:15 p.m. | 43\u00a0minutes ago \nDescription : A Path Traversal Information Disclosure vulnerability exists in \"Sante PACS Server.exe\". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-13T19:48:12.000000Z"}, {"uuid": "d2fbda26-ebb9-48ba-9a26-3829a222ab37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22648", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9167", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22648\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plugin Devs Blog, Posts and Category Filter for Elementor allows Stored XSS.This issue affects Blog, Posts and Category Filter for Elementor: from n/a through 2.0.1.\n\ud83d\udccf Published: 2025-03-27T15:06:29.755Z\n\ud83d\udccf Modified: 2025-03-27T18:09:38.556Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/blog-posts-and-category-for-elementor/vulnerability/wordpress-blog-posts-and-category-filter-for-elementor-plugin-2-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-27T18:26:43.000000Z"}, {"uuid": "69281015-8640-4a51-bf77-71d36d270bb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2264", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7426", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2264\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: A Path Traversal Information Disclosure vulnerability exists in \"Sante PACS Server.exe\". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed.\n\ud83d\udccf Published: 2025-03-13T16:29:07.468Z\n\ud83d\udccf Modified: 2025-03-13T16:29:44.925Z\n\ud83d\udd17 References:\n1. https://www.tenable.com/security/research/tra-2025-08", "creation_timestamp": "2025-03-13T16:45:19.000000Z"}, {"uuid": "78e4a737-c9c7-4718-b770-1a90460d2c0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22644", "type": "seen", "source": "Telegram/ggttxZlZstNJAeAGMjql_bTwrWMMy661VkhxBCQCCiwWZxQ", "content": "", "creation_timestamp": "2026-01-09T18:06:19.000000Z"}, {"uuid": "4aba2a2f-372d-4986-9d90-52eca144fa7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22647", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9108", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22647\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Missing Authorization vulnerability in smackcoders AIO Performance Profiler, Monitor, Optimize, Compress & Debug allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AIO Performance Profiler, Monitor, Optimize, Compress & Debug: from n/a through 1.2.\n\ud83d\udccf Published: 2025-03-27T15:07:25.357Z\n\ud83d\udccf Modified: 2025-03-27T15:22:44.799Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/all-in-one-performance-accelerator/vulnerability/wordpress-aio-performance-profiler-plugin-1-2-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-27T15:26:34.000000Z"}, {"uuid": "c7881179-761c-4656-9b81-2cd42ffb6143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22646", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9107", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22646\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aThemes aThemes Addons for Elementor allows Stored XSS.This issue affects aThemes Addons for Elementor: from n/a through 1.0.8.\n\ud83d\udccf Published: 2025-03-27T15:08:21.220Z\n\ud83d\udccf Modified: 2025-03-27T15:23:05.526Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/athemes-addons-for-elementor-lite/vulnerability/wordpress-athemes-addons-for-elementor-plugin-1-0-8-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-27T15:26:33.000000Z"}, {"uuid": "45f4a7b1-128f-431e-98be-ec4f451d8aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2264", "type": "published-proof-of-concept", "source": "https://t.me/realcodeb0ss/102", "content": "", "creation_timestamp": "2025-10-06T18:30:28.000000Z"}, {"uuid": "7b5209cb-f681-4e0e-b039-51a241b3f6f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22649", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9162", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22649\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weDevs WP Project Manager wedevs-project-manager allows Stored XSS.This issue affects WP Project Manager: from n/a through 2.6.22.\n\ud83d\udccf Published: 2025-03-27T15:05:39.426Z\n\ud83d\udccf Modified: 2025-03-27T18:15:15.218Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/wedevs-project-manager/vulnerability/wordpress-wp-project-manager-plugin-2-6-17-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-27T18:26:37.000000Z"}, {"uuid": "dab71239-e839-42ae-9aff-fb0988540b8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22642", "type": "seen", "source": "https://t.me/cvedetector/17217", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22642 - RTO GmbH Dynamic Conditions Stored Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22642 \nPublished : Feb. 4, 2025, 3:15 p.m. | 1\u00a0hour, 54\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RTO GmbH Dynamic Conditions allows Stored XSS. This issue affects Dynamic Conditions: from n/a through 1.7.4. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-04T18:54:39.000000Z"}, {"uuid": "5308e7b8-dd9a-4e57-96f9-59f8ed5d07a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22643", "type": "seen", "source": "https://t.me/cvedetector/17218", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22643 - OnePress Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22643 \nPublished : Feb. 4, 2025, 3:15 p.m. | 1\u00a0hour, 54\u00a0minutes ago \nDescription : Missing Authorization vulnerability in FameThemes OnePress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects OnePress: from n/a through 2.3.11. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-04T18:54:39.000000Z"}]}