{"vulnerability": "cve-2025-2302", "sightings": [{"uuid": "f5f99fb6-0fef-4f36-8ef3-9b8bca3a1eaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23026", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113822745975140566", "content": "", "creation_timestamp": "2025-01-13T19:41:12.487655Z"}, {"uuid": "1407fda0-09c2-465f-aa50-b3b1a0f3fbe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23027", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113822772296271638", "content": "", "creation_timestamp": "2025-01-13T19:47:53.876639Z"}, {"uuid": "8663e66d-a33f-4be8-9ce7-abaf63ae70f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23025", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113828202785750512", "content": "", "creation_timestamp": "2025-01-14T18:49:08.996393Z"}, {"uuid": "08bc0d84-ecfe-4c33-b446-2621c7170cff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23026", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lfpr5khx5y2k", "content": "", "creation_timestamp": "2025-01-14T17:20:29.760770Z"}, {"uuid": "f3ee28bb-ebda-46e6-93cc-a74f1936e566", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23022", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113804705475306430", "content": "", "creation_timestamp": "2025-01-10T15:13:15.535984Z"}, {"uuid": "14c3ccf7-60c3-4278-94f7-31e4270bdf1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23022", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfficlo42s22", "content": "", "creation_timestamp": "2025-01-10T15:15:37.713431Z"}, {"uuid": "53d031c1-9084-4ac5-a7bb-76007c3247fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23022", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lffk67wqra2e", "content": "", "creation_timestamp": "2025-01-10T15:48:58.330027Z"}, {"uuid": "8d974f12-9715-41d5-a142-80ec26e1b126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23025", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpuoyfn4y2t", "content": "", "creation_timestamp": "2025-01-14T18:23:55.643625Z"}, {"uuid": "89f414d5-de30-4e78-9856-2ddd21f80dc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23023", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113947591485236644", "content": "", "creation_timestamp": "2025-02-04T20:51:03.079147Z"}, {"uuid": "507601ea-5ba4-43d4-be5d-8b3493fcbac7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23023", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhey4jhzvu2i", "content": "", "creation_timestamp": "2025-02-04T21:16:17.153962Z"}, {"uuid": "09c87147-377b-494a-b0b1-d9f87b046592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23024", "type": "seen", "source": "MISP/24306fae-b16b-4478-9297-d2973cdb583c", "content": "", "creation_timestamp": "2025-08-22T14:52:23.000000Z"}, {"uuid": "32a5eec1-b7d3-438e-9e73-9df92960e23b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23028", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdumkt2pc2w", "content": "", "creation_timestamp": "2025-01-22T17:15:49.012226Z"}, {"uuid": "068ba278-e827-4840-b2f1-b8ed0d081afb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23028", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lge5j6bgoy2k", "content": "", "creation_timestamp": "2025-01-22T19:55:00.808532Z"}, {"uuid": "112ec4bc-6199-4e97-8b77-1afe2249df9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23023", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113948054245439680", "content": "", "creation_timestamp": "2025-02-04T22:48:44.570699Z"}, {"uuid": "dd33d71a-6249-4286-93df-1a67ccc664ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2302", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llalqxlw5y2k", "content": "", "creation_timestamp": "2025-03-26T01:05:14.659137Z"}, {"uuid": "965298ef-20e9-455c-9088-c0f7a744fa86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23022", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lotsm6zw7k2i", "content": "", "creation_timestamp": "2025-05-10T20:44:00.438868Z"}, {"uuid": "874f7e51-22bc-4892-8746-31f19c5a06cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23020", "type": "seen", "source": "https://t.me/cvedetector/18513", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23020 - Kwik Hash DoS\", \n  \"Content\": \"CVE ID : CVE-2025-23020 \nPublished : Feb. 20, 2025, 3:15 a.m. | 1\u00a0hour, 38\u00a0minutes ago \nDescription : An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability (in the hash table used to manage connections) allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs). \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T06:27:33.000000Z"}, {"uuid": "e056c89e-f705-415d-9d91-cf32b7e4a602", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23022", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1392", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23022\n\ud83d\udd39 Description: FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c.\n\ud83d\udccf Published: 2025-01-10T00:00:00\n\ud83d\udccf Modified: 2025-01-13T20:49:06.014029Z\n\ud83d\udd17 References:\n1. https://gitlab.freedesktop.org/freetype/freetype/-/issues/1312\n2. https://security-tracker.debian.org/tracker/CVE-2025-23022", "creation_timestamp": "2025-01-13T21:11:58.000000Z"}, {"uuid": "af129f0e-2d3d-4c07-ba12-bc0955e6a803", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23023", "type": "seen", "source": "https://t.me/cvedetector/17248", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23023 - Discourse Anonymous Cache Poisoning Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23023 \nPublished : Feb. 4, 2025, 9:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : Discourse is an open source platform for community discussion. In affected versions an attacker can carefully craft a request with the right request headers to poison the anonymous cache (for example, the cache may have a response with missing  preloaded data). This issue only affects anonymous visitors of the site. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade may disable anonymous cache by setting the `DISCOURSE_DISABLE_ANON_CACHE` environment variable to a non-empty value. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T00:45:51.000000Z"}, {"uuid": "6536ace9-69cb-4095-aea1-d85501fa833c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23024", "type": "seen", "source": "https://t.me/cvedetector/18893", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23024 - GLPI Unauthenticated Plugin Disabling Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23024 \nPublished : Feb. 25, 2025, 4:15 p.m. | 1\u00a0hour, 37\u00a0minutes ago \nDescription : GLPI is a free asset and IT management software package. Starting in version 0.72 and prior to version 10.0.18, an anonymous user can disable all the active plugins. Version 10.0.18 contains a patch. As a workaround, one may delete the `install/update.php` file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-25T19:03:29.000000Z"}, {"uuid": "d4b97330-5985-47ad-847a-22a73d5d29ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23027", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1375", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23027\n\ud83d\udd39 Description: next-forge is a Next.js project boilerplate for modern web application. The BASEHUB_TOKEN commited in apps/web/.env.example. Users should avoid use of this token and should remove any access it may have in their systems.\n\ud83d\udccf Published: 2025-01-13T19:41:43.514Z\n\ud83d\udccf Modified: 2025-01-13T19:41:43.514Z\n\ud83d\udd17 References:\n1. https://github.com/haydenbleasel/next-forge/security/advisories/GHSA-wppx-qmqh-9h33\n2. https://github.com/haydenbleasel/next-forge/commit/239a98f2c308a51d626ae0613102917f82603c1c", "creation_timestamp": "2025-01-13T20:07:27.000000Z"}, {"uuid": "788ee5ea-3044-434e-bc1c-b71c1811e95b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23025", "type": "seen", "source": "https://t.me/cvedetector/15315", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23025 - XWiki Platform Script Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23025 \nPublished : Jan. 14, 2025, 6:16 p.m. | 26\u00a0minutes ago \nDescription : XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. NOTE: The Realtime WYSIWYG Editor extension was **experimental**, and thus **not recommended**, in the versions affected by this vulnerability. It has become enabled by default, and thus recommended, starting with XWiki 16.9.0. A user with only **edit right** can join a realtime editing session where others, that where already there or that may join later, have **script** or **programming** access rights. This user can then insert **script rendering macros** that are executed for those users in the realtime session that have script or programming rights. The inserted scripts can be used to gain more access rights. This vulnerability has been patched in XWiki 15.10.2, 16.4.1 and 16.6.0-rc-1. Users are advised to upgrade. Users unable to upgrade may either disable the realtime WYSIWYG editing by disabling the ``xwiki-realtime`` CKEditor plugin from the WYSIWYG editor administration section or uninstall the Realtime WYSIWYG Editorextension (org.xwiki.platform:xwiki-platform-realtime-wysiwyg-ui). \nSeverity: 9.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T19:51:32.000000Z"}, {"uuid": "abeb991a-076f-4848-a7b9-4707fc37ab66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23026", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1379", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23026\n\ud83d\udd39 Description: jte (Java Template Engine) is a secure and lightweight template engine for Java and Kotlin. In affected versions Jte HTML templates with `script` tags or script attributes that include a Javascript template string (backticks) are subject to XSS. The `javaScriptBlock` and `javaScriptAttribute` methods in the `Escape` class do not escape backticks, which are used for Javascript template strings. Dollar signs in template strings should also be escaped as well to prevent undesired interpolation. HTML templates rendered by Jte's `OwaspHtmlTemplateOutput` in versions less than or equal to `3.1.15` with `script` tags or script attributes that contain Javascript template strings (backticks) are vulnerable. Users are advised to upgrade to version 3.1.16 or later to resolve this issue. There are no known workarounds for this vulnerability.\n\ud83d\udccf Published: 2025-01-13T19:36:03.286Z\n\ud83d\udccf Modified: 2025-01-13T19:36:03.286Z\n\ud83d\udd17 References:\n1. https://github.com/casid/jte/security/advisories/GHSA-vh22-6c6h-rm8q\n2. https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Template_literals#description\n3. https://github.com/casid/jte/blob/main/jte-runtime/src/main/java/gg/jte/html/escape/Escape.java#L43-L83", "creation_timestamp": "2025-01-13T20:07:40.000000Z"}, {"uuid": "8b2f26ea-955c-4a1a-9ce0-0cb1d4db362e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23028", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2579", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23028\n\ud83d\udd39 Description: Cilium is a networking, observability, and security solution with an eBPF-based dataplane. A denial of service vulnerability affects versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4. In a Kubernetes cluster where Cilium is configured to proxy DNS traffic, an attacker can crash Cilium agents by sending a crafted DNS response to workloads from outside the cluster. For traffic that is allowed but without using DNS-based policy, the dataplane will continue to pass traffic as configured at the time of the DoS. For workloads that have DNS-based policy configured, existing connections may continue to operate, and new connections made without relying on DNS resolution may continue to be established, but new connections which rely on DNS resolution may be disrupted. Any configuration changes that affect the impacted agent may not be applied until the agent is able to restart. This issue is fixed in Cilium v1.14.18, v1.15.12, and v1.16.5. No known workarounds are available.\n\ud83d\udccf Published: 2025-01-22T16:48:19.722Z\n\ud83d\udccf Modified: 2025-01-22T16:48:19.722Z\n\ud83d\udd17 References:\n1. https://github.com/cilium/cilium/security/advisories/GHSA-9m5p-c77c-f9j7\n2. https://github.com/cilium/cilium/pull/36252", "creation_timestamp": "2025-01-22T17:01:50.000000Z"}, {"uuid": "6c8af7f6-e3ec-49b8-bfdb-69aa0978621b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23025", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1549", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23025\n\ud83d\udd39 Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. NOTE: The Realtime WYSIWYG Editor extension was **experimental**, and thus **not recommended**, in the versions affected by this vulnerability. It has become enabled by default, and thus recommended, starting with XWiki 16.9.0. A user with only **edit right** can join a realtime editing session where others, that where already there or that may join later, have **script** or **programming** access rights. This user can then insert **script rendering macros** that are executed for those users in the realtime session that have script or programming rights. The inserted scripts can be used to gain more access rights. This vulnerability has been patched in XWiki 15.10.2, 16.4.1 and 16.6.0-rc-1. Users are advised to upgrade. Users unable to upgrade may either disable the realtime WYSIWYG editing by disabling the ``xwiki-realtime`` CKEditor plugin from the WYSIWYG editor administration section or uninstall the Realtime WYSIWYG Editorextension (org.xwiki.platform:xwiki-platform-realtime-wysiwyg-ui).\n\ud83d\udccf Published: 2025-01-14T17:42:14.304Z\n\ud83d\udccf Modified: 2025-01-14T17:42:14.304Z\n\ud83d\udd17 References:\n1. https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rmm7-r7wr-xpfg\n2. https://extensions.xwiki.org/xwiki/bin/view/Extension/CKEditor+Integration#HAdministrationSection\n3. https://extensions.xwiki.org/xwiki/bin/view/Extension/Realtime%20WYSIWYG%20Editor\n4. https://jira.xwiki.org/browse/XWIKI-21949", "creation_timestamp": "2025-01-14T18:09:22.000000Z"}, {"uuid": "0bebe9b0-58c2-4df2-b461-763528086dcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2302", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8791", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2302\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Advanced Woo Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aws_search_terms shortcode in all versions up to, and including, 3.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-03-25T23:21:55.903Z\n\ud83d\udccf Modified: 2025-03-25T23:21:55.903Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/ef8fca84-3ea1-432f-8cfe-9a1d1f70fa6f?source=cve\n2. https://plugins.trac.wordpress.org/browser/advanced-woo-search/tags/3.28/includes/class-aws-shortcodes.php#L50\n3. https://plugins.trac.wordpress.org/browser/advanced-woo-search/tags/3.28/includes/class-aws-shortcodes.php#L175", "creation_timestamp": "2025-03-26T00:25:04.000000Z"}, {"uuid": "4dd6a35b-d227-437c-8ad8-9943856bf8f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2302", "type": "seen", "source": "https://t.me/cvedetector/21142", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2302 - \"Advanced Woo Search Stored Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-2302 \nPublished : March 26, 2025, 12:15 a.m. | 2\u00a0hours, 11\u00a0minutes ago \nDescription : The Advanced Woo Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aws_search_terms shortcode in all versions up to, and including, 3.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-26T03:51:26.000000Z"}, {"uuid": "11111f25-9cea-4927-ab6f-078c6decd076", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23028", "type": "seen", "source": "https://t.me/cvedetector/16127", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23028 - Cilium DNS Response Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23028 \nPublished : Jan. 22, 2025, 5:15 p.m. | 36\u00a0minutes ago \nDescription : Cilium is a networking, observability, and security solution with an eBPF-based dataplane. A denial of service vulnerability affects versions 1.14.0 through 1.14.7, 1.15.0 through 1.15.11, and 1.16.0 through 1.16.4. In a Kubernetes cluster where Cilium is configured to proxy DNS traffic, an attacker can crash Cilium agents by sending a crafted DNS response to workloads from outside the cluster. For traffic that is allowed but without using DNS-based policy, the dataplane will continue to pass traffic as configured at the time of the DoS. For workloads that have DNS-based policy configured, existing connections may continue to operate, and new connections made without relying on DNS resolution may continue to be established, but new connections which rely on DNS resolution may be disrupted. Any configuration changes that affect the impacted agent may not be applied until the agent is able to restart. This issue is fixed in Cilium v1.14.18, v1.15.12, and v1.16.5. No known workarounds are available. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T18:54:30.000000Z"}, {"uuid": "38f8be1b-01c8-496b-b4e4-d4dfc070d7ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23026", "type": "seen", "source": "https://t.me/cvedetector/15171", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23026 - Jte Java Template Engine Unsandboxed Code Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23026 \nPublished : Jan. 13, 2025, 8:15 p.m. | 43\u00a0minutes ago \nDescription : jte (Java Template Engine) is a secure and lightweight template engine for Java and Kotlin. In affected versions Jte HTML templates with `script` tags or script attributes that include a Javascript template string (backticks) are subject to XSS. The `javaScriptBlock` and `javaScriptAttribute` methods in the `Escape` class do not escape backticks, which are used for Javascript template strings. Dollar signs in template strings should also be escaped as well to prevent undesired interpolation. HTML templates rendered by Jte's `OwaspHtmlTemplateOutput` in versions less than or equal to `3.1.15` with `script` tags or script attributes that contain Javascript template strings (backticks) are vulnerable. Users are advised to upgrade to version 3.1.16 or later to resolve this issue. There are no known workarounds for this vulnerability. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-13T22:05:39.000000Z"}, {"uuid": "8a028520-fdba-44d3-bbff-b8e464f0718a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23022", "type": "seen", "source": "https://t.me/cvedetector/14960", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23022 - FreeType Integer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23022 \nPublished : Jan. 10, 2025, 3:15 p.m. | 37\u00a0minutes ago \nDescription : FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-10T17:10:32.000000Z"}, {"uuid": "5c489a9b-a146-4fe8-ba32-a85f19b65bd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23027", "type": "seen", "source": "https://t.me/cvedetector/15170", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23027 - Next Forge BaseHub Token Exposure\", \n  \"Content\": \"CVE ID : CVE-2025-23027 \nPublished : Jan. 13, 2025, 8:15 p.m. | 43\u00a0minutes ago \nDescription : next-forge is a Next.js project boilerplate for modern web application. The BASEHUB_TOKEN commited in apps/web/.env.example. Users should avoid use of this token and should remove any access it may have in their systems. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-13T22:05:38.000000Z"}, {"uuid": "f26288aa-1282-4bd3-8cf3-f39737e03ed9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23020", "type": "seen", "source": "Telegram/E9-kEbHFbfaC6XAaS_btdUU03-EjIf2YrG18E7mu8pQpvVZu", "content": "", "creation_timestamp": "2025-02-20T23:26:53.000000Z"}]}