{"vulnerability": "cve-2025-5585", "sightings": [{"uuid": "fa2dd538-2bd6-4962-b290-0562c6d37282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55852", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lxx6sqhsy22z", "content": "", "creation_timestamp": "2025-09-03T17:47:07.122361Z"}, {"uuid": "4608e4a8-d788-4e4a-ade9-adff7ee41b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5585", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsfxq2qii225", "content": "", "creation_timestamp": "2025-06-25T06:19:07.041441Z"}, {"uuid": "81af7980-6940-4057-8eab-fd9f468657f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55854", "type": "seen", "source": "https://sploitus.com/exploit?id=9BCFD176-60AB-58A9-A7C5-1B2F6657E1FF", "content": "", "creation_timestamp": "2025-10-28T16:07:25.000000Z"}, {"uuid": "32556275-b03e-4f8c-ad95-044f00ef98b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55854", "type": "published-proof-of-concept", "source": "Telegram/CDt_HzIN7548i7TRXAEk60uFdlQU82AVKmra4Di8aYf9fBk", "content": "", "creation_timestamp": "2025-10-28T19:00:08.000000Z"}, {"uuid": "57550677-c7e1-40b8-a5a8-482cb79555f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55854", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/57332", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aPoC for CVE-2025-55854\nURL\uff1ahttps://github.com/PushkarAyengar/CVE-2025-55854-PoC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-10-28T17:40:34.000000Z"}, {"uuid": "e48232ee-da23-4570-bad5-e17be0205966", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5585", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19415", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-5585\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The SiteOrigin Widgets Bundle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-url` DOM Element Attribute in all versions up to, and including, 1.68.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-06-25T02:22:07.865Z\n\ud83d\udccf Modified: 2025-06-25T02:22:07.865Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/bb1b93ee-8641-4ddb-8b6b-2e9d30fe338d?source=cve\n2. https://plugins.svn.wordpress.org/so-widgets-bundle/tags/1.68.4/js/slider/jquery.slider.js", "creation_timestamp": "2025-06-25T02:46:40.000000Z"}, {"uuid": "2e5bfcc0-5440-41d2-b62d-85083e389443", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-55854", "type": "exploited", "source": "Telegram/p9aXpoU_FZfvPwaFGC2z6wToIKsj9JEw53i6nfBS-Wl44_8", "content": "", "creation_timestamp": "2025-10-28T21:00:05.000000Z"}]}