{"vulnerability": "cve-2025-3435", "sightings": [{"uuid": "0ba1b9c1-7748-4465-b32c-6f42c183cf5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34352", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m6zu44kngm2n", "content": "", "creation_timestamp": "2025-12-02T21:09:50.732595Z"}, {"uuid": "27085058-828f-4e8f-9c7c-1f310e709444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3435", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnjxaditeu2l", "content": "", "creation_timestamp": "2025-04-24T05:15:03.246951Z"}, {"uuid": "0c582529-9b97-4e89-874d-0de2ba906359", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3435", "type": "seen", "source": "https://t.me/cvedetector/23642", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3435 - Mang Board WP Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3435 \nPublished : April 24, 2025, 4:15 a.m. | 2\u00a0hours, 14\u00a0minutes ago \nDescription : The Mang Board WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the board_header and board_footer parameters in all versions up to, and including, 1.8.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. \nSeverity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-24T08:52:54.000000Z"}, {"uuid": "83aa91a6-36f4-43b3-9183-6c58f4a078dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34352", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3ma6gkkhhy22s", "content": "", "creation_timestamp": "2025-12-17T10:15:53.887189Z"}, {"uuid": "e5dc06de-ffa8-4937-b58d-6aebb6184d8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34352", "type": "seen", "source": "https://bsky.app/profile/cybersentinel404.bsky.social/post/3ma6l6re36c2o", "content": "", "creation_timestamp": "2025-12-17T11:38:46.724493Z"}, {"uuid": "52219e97-412c-4e86-8d16-f495013a7bb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34352", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3ma6mpo6l4v2n", "content": "", "creation_timestamp": "2025-12-17T12:06:08.839718Z"}, {"uuid": "fabd85ca-bfbb-4377-b3e6-622e90d9a88c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34352", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/115735195496901632", "content": "", "creation_timestamp": "2025-12-17T13:42:15.613783Z"}, {"uuid": "e78501c0-b9c0-4e77-9682-a0635f0db45c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34352", "type": "seen", "source": "https://threatintel.cc/2025/12/17/jumpcloud-remote-assist-vulnerability-can.html", "content": "", "creation_timestamp": "2025-12-17T12:42:21.000000Z"}, {"uuid": "158a2da0-9bac-4b62-8b62-3417ee667391", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34352", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3maprqdnip227", "content": "", "creation_timestamp": "2025-12-24T07:51:14.005330Z"}, {"uuid": "21fe15f0-7448-43bc-8924-b3f9776d9783", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34350", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m6icx4kzah2q", "content": "", "creation_timestamp": "2025-11-25T21:47:33.737012Z"}, {"uuid": "1305d083-5d2b-4d5c-b261-bbf2d965ba0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-34351", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/115619789202134613", "content": "", "creation_timestamp": "2025-11-27T04:32:56.460851Z"}, {"uuid": "c0ad2efb-97ca-4b87-ac82-da8ec2dd3c42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-34351", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3m6lk2x6rq52g", "content": "", "creation_timestamp": "2025-11-27T04:32:59.705999Z"}, {"uuid": "16b2a100-9dc0-4c88-ab25-ff084ceed9a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34351", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3m6lmvrfdg22q", "content": "", "creation_timestamp": "2025-11-27T05:23:45.112932Z"}, {"uuid": "62c515f0-2749-48d7-bd5c-54ae159d4769", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34352", "type": "seen", "source": "https://mstdn.social/users/Hackread/statuses/115729559393734437", "content": "", "creation_timestamp": "2025-12-16T13:48:56.061875Z"}, {"uuid": "cbbd1d9d-dcda-4a3d-8c1c-72344bff4546", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34352", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3maaxplc4ny2c", "content": "", "creation_timestamp": "2025-12-18T10:28:15.602479Z"}, {"uuid": "e3844a79-5f33-438e-81ba-d84b9fad3b26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34352", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3mab7v6jmvi2d", "content": "", "creation_timestamp": "2025-12-18T12:54:32.419870Z"}, {"uuid": "91408645-4990-4411-ab09-8c3bff5955a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34352", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3mabkmskfyt24", "content": "", "creation_timestamp": "2025-12-18T16:06:42.652024Z"}, {"uuid": "4531d8c8-0122-4a49-ac65-89452638b49b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3435", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13180", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3435\n\ud83d\udd25 CVSS Score: 4.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Mang Board WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the board_header and board_footer parameters in all versions up to, and including, 1.8.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.\n\ud83d\udccf Published: 2025-04-24T03:21:30.361Z\n\ud83d\udccf Modified: 2025-04-24T03:21:30.361Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/5b97a2f7-b730-4fb7-a41e-dd37f5f87f27?source=cve\n2. https://plugins.trac.wordpress.org/changeset/3272163/mangboard/trunk", "creation_timestamp": "2025-04-24T04:05:58.000000Z"}]}