<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-05T05:53:35.088371+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7fb9422c-9827-4cff-889b-0b3aff000ad5/export</id>
    <title>7fb9422c-9827-4cff-889b-0b3aff000ad5</title>
    <updated>2026-07-05T05:53:35.112319+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7fb9422c-9827-4cff-889b-0b3aff000ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26736", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10208", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26736\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in viktoras MorningTime Lite allows Stored XSS.This issue affects MorningTime Lite: from n/a through 1.3.2.\n\ud83d\udccf Published: 2025-03-27T13:57:39.508Z\n\ud83d\udccf Modified: 2025-04-03T13:19:32.812Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/morningtime-lite/vulnerability/wordpress-morningtime-lite-theme-1-3-2-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-03T13:34:56.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7fb9422c-9827-4cff-889b-0b3aff000ad5/export"/>
    <published>2025-04-03T13:34:56+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/35870753-ec96-4af4-97eb-973f37c89230/export</id>
    <title>35870753-ec96-4af4-97eb-973f37c89230</title>
    <updated>2026-07-05T05:53:35.116303+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "35870753-ec96-4af4-97eb-973f37c89230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26737", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10207", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26737\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in yudleethemes City Store allows DOM-Based XSS.This issue affects City Store: from n/a through 1.4.5.\n\ud83d\udccf Published: 2025-03-27T13:56:36.678Z\n\ud83d\udccf Modified: 2025-04-03T13:19:42.401Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/city-store/vulnerability/wordpress-city-store-theme-1-4-5-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-03T13:34:55.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/35870753-ec96-4af4-97eb-973f37c89230/export"/>
    <published>2025-04-03T13:34:55+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/dda0dd59-6266-4659-8899-1d8678b0c918/export</id>
    <title>dda0dd59-6266-4659-8899-1d8678b0c918</title>
    <updated>2026-07-05T05:53:35.116464+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "dda0dd59-6266-4659-8899-1d8678b0c918", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26738", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10205", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26738\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Graham Quick Interest Slider allows DOM-Based XSS.This issue affects Quick Interest Slider: from n/a through 3.1.3.\n\ud83d\udccf Published: 2025-03-27T13:54:34.447Z\n\ud83d\udccf Modified: 2025-04-03T13:19:54.454Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/quick-interest-slider/vulnerability/wordpress-quick-interest-slider-plugin-3-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-04-03T13:34:50.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/dda0dd59-6266-4659-8899-1d8678b0c918/export"/>
    <published>2025-04-03T13:34:50+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/eec6ecbb-9dc9-4152-a90f-afb79e472dc4/export</id>
    <title>eec6ecbb-9dc9-4152-a90f-afb79e472dc4</title>
    <updated>2026-07-05T05:53:35.116585+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "eec6ecbb-9dc9-4152-a90f-afb79e472dc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26731", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9408", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26731\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Repute Infosystems ARPrice allows Stored XSS.This issue affects ARPrice: from n/a through 4.1.3.\n\ud83d\udccf Published: 2025-03-27T14:01:48.770Z\n\ud83d\udccf Modified: 2025-03-28T17:00:52.054Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/arprice/vulnerability/wordpress-arprice-plugin-4-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-28T17:28:50.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/eec6ecbb-9dc9-4152-a90f-afb79e472dc4/export"/>
    <published>2025-03-28T17:28:50+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a7d23e3b-f900-4a95-8cdb-5bcb73199ec3/export</id>
    <title>a7d23e3b-f900-4a95-8cdb-5bcb73199ec3</title>
    <updated>2026-07-05T05:53:35.116697+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a7d23e3b-f900-4a95-8cdb-5bcb73199ec3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26732", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9403", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26732\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BurgerThemes StoreBiz allows DOM-Based XSS.This issue affects StoreBiz: from n/a through 1.0.32.\n\ud83d\udccf Published: 2025-03-27T14:00:07.569Z\n\ud83d\udccf Modified: 2025-03-28T17:11:32.675Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/storebiz/vulnerability/wordpress-storebiz-plugin-1-0-32-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-28T17:28:43.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a7d23e3b-f900-4a95-8cdb-5bcb73199ec3/export"/>
    <published>2025-03-28T17:28:43+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7f5455f8-eb0f-4300-8f93-fd889fd378aa/export</id>
    <title>7f5455f8-eb0f-4300-8f93-fd889fd378aa</title>
    <updated>2026-07-05T05:53:35.116819+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7f5455f8-eb0f-4300-8f93-fd889fd378aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26734", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9402", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26734\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in peregrinethemes Hester allows Stored XSS.This issue affects Hester: from n/a through 1.1.10.\n\ud83d\udccf Published: 2025-03-27T13:58:36.836Z\n\ud83d\udccf Modified: 2025-03-28T17:11:39.756Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/hester/vulnerability/wordpress-hester-plugin-1-1-10-cross-site-scripting-xss-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-28T17:28:42.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7f5455f8-eb0f-4300-8f93-fd889fd378aa/export"/>
    <published>2025-03-28T17:28:42+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b8917d9a-2419-4727-ba07-e9dec2644096/export</id>
    <title>b8917d9a-2419-4727-ba07-e9dec2644096</title>
    <updated>2026-07-05T05:53:35.116939+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b8917d9a-2419-4727-ba07-e9dec2644096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26733", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3llgiwe5hgb2j", "content": "", "creation_timestamp": "2025-03-28T09:30:30.464671Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b8917d9a-2419-4727-ba07-e9dec2644096/export"/>
    <published>2025-03-28T09:30:30.464671+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d116a9db-c53e-4159-ae72-b6bb45f485d9/export</id>
    <title>d116a9db-c53e-4159-ae72-b6bb45f485d9</title>
    <updated>2026-07-05T05:53:35.117058+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d116a9db-c53e-4159-ae72-b6bb45f485d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26733", "type": "seen", "source": "https://t.me/cvedetector/21352", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-26733 - Shinetheme Traveler Missing Authorization\", \n  \"Content\": \"CVE ID : CVE-2025-26733 \nPublished : March 27, 2025, 10:15 p.m. | 1\u00a0hour, 39\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Shinetheme Traveler.This issue affects Traveler: from n/a through 3.1.8. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-28T01:01:19.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d116a9db-c53e-4159-ae72-b6bb45f485d9/export"/>
    <published>2025-03-28T01:01:19+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e46972fc-b262-4738-b48c-144f9bf2497c/export</id>
    <title>e46972fc-b262-4738-b48c-144f9bf2497c</title>
    <updated>2026-07-05T05:53:35.117183+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e46972fc-b262-4738-b48c-144f9bf2497c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-26733", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9235", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-26733\n\ud83d\udd25 CVSS Score: 8.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L)\n\ud83d\udd39 Description: Missing Authorization vulnerability in Shinetheme Traveler.This issue affects Traveler: from n/a through 3.1.8.\n\ud83d\udccf Published: 2025-03-27T22:01:31.581Z\n\ud83d\udccf Modified: 2025-03-27T22:01:31.581Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/theme/traveler/vulnerability/wordpress-traveler-theme-3-1-8-broken-access-control-vulnerability?_s_id=cve", "creation_timestamp": "2025-03-27T22:36:42.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e46972fc-b262-4738-b48c-144f9bf2497c/export"/>
    <published>2025-03-27T22:36:42+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1c9a77c7-e929-4169-8658-d62c7738e029/export</id>
    <title>1c9a77c7-e929-4169-8658-d62c7738e029</title>
    <updated>2026-07-05T05:53:35.117313+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1c9a77c7-e929-4169-8658-d62c7738e029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2673", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll3vwkcfbq2e", "content": "", "creation_timestamp": "2025-03-24T04:23:58.052100Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1c9a77c7-e929-4169-8658-d62c7738e029/export"/>
    <published>2025-03-24T04:23:58.052100+00:00</published>
  </entry>
</feed>
